[BUG] Permissions set incorrectly when creating a new twitter app




I found a bug yesterday on apps.twitter.com.

Steps to reproduce:

  1. Go to apps.twitter.com
  2. Create a new twitter app, I didn’t check the box for needing email permissions.
  3. In the app’s settings page, the permissions tab shows the current app permission as “Read & Write”. This is a good default to have.
  4. Go to the /oauth/authorize endpoint after the usual oauth negotiations, which takes a user to a “authorize this app” page

Expected behavior:
The page asks the user for read and write permissions.

Actual behavior:
The page asks the user for read permissions.


  1. Go to the app’s settings page, permissions tab, and change the permissions to one of the other two options (read, or read+write+dm) and click apply.
  2. Change it back to read+write and click apply.
  3. Now the expected behavior is seen.