I found a bug yesterday on apps.twitter.com.
Steps to reproduce:
- Go to apps.twitter.com
- Create a new twitter app, I didn’t check the box for needing email permissions.
- In the app’s settings page, the permissions tab shows the current app permission as “Read & Write”. This is a good default to have.
- Go to the /oauth/authorize endpoint after the usual oauth negotiations, which takes a user to a “authorize this app” page
The page asks the user for read and write permissions.
The page asks the user for read permissions.
- Go to the app’s settings page, permissions tab, and change the permissions to one of the other two options (read, or read+write+dm) and click apply.
- Change it back to read+write and click apply.
- Now the expected behavior is seen.