Changing application permissions invalidated access tokens?


We’re rolling out an improved Twitter product and wanted to add in the ability to allow users to tweet out their stats and as part of that we wanted to update our permissions to “Read & Write” but in doing so the thousands of current users of our application have become invalidated.

The only explanation I’ve seen in any Twitter docs points to the permissions being tied to the credentials not the application and thus the Read Only credentials should have still worked.

Invalidating all currently authenticated tokens could not have been the intended result of this change. Will downgrading to Read Only reverse this or are all credentials permanently invalidated?