Getting a new PIN code without having to log in



I’ve implemented the PIN-based authorization (as explained at: Everything is working but I have one question which is best explained with the following scenario:

  1. The Twitter user enters an incorrect PIN number.
  2. I perform the POST oauth/access_token request and set the oauth_verifier parameter to the PIN number entered in Step 1.
  3. Because the PIN is incorrect, I receive a 401: Unauthorized error.
  4. At this point, I tell the user that the PIN they have entered is incorrect and that they should re-enter it.

Step 4 is the issue. The original PIN number does not seem to be valid anymore because the POST oauth/access_token request returned the 401 error (or so I think that’s why the PIN is no longer valid). Thus, my question is, is there a way to reuse the same PIN number, or can I get a new PIN number without having the Twitter user log in again?

I hope this makes sense. Thanks.