Changing permission settings disables callback url redirection


#1

I want to change my default permissions from read to read/write, but am having some difficulty when it comes to already authenticated users.

If a user previously had authorized this app and has the permissions level set to “read only”, they get the auth dialog the next time they try to login to the app (which makes sense because the permissions level has changed) BUT whenever you click “sign in” it does not redirect to the callback url and just reloads https://api.twitter.com/oauth/authenticate

if the user DOES NOT have an already existing auth for this app, everything works fine and they are redirected after saying sign in. Also if i go in and revoke the read only permissions and then sign in everything works fine again. its only in the case where a user already has a specific authorization and the permissions change from what they authorized. I’ve tried through setting the default permission type in app settings as well as sending in x_auth_access_type to the request_token post, but the same thing happens in both situations.

am I doing something wrong here?