I have a mobile app that uses https://dev.twitter.com/docs/ios/using-reverse-auth to obtain a user’s access token and access token secret. When I ship those to my server and try to authenticate with Twitter, it only works if the mobile app shares the same consumer key and secret. This can’t be right.
Is this a bug in my implementation somewhere or is this by design?
I’ll debug and possibly get a detailed repro if this is not by design.