Thank you very much for your prompt reply.
Nevertheless, while implementing the authorization header according to the specifications listed as Authorizing a request we’ve come across the issue of where to get the “OAuth token secret” from, in order to have a signing key for the signature calculation.
Our client is a mobile app signing in to twitter once and passing the server its access token. On the server side - the twitter REST API is supposed to be called to retrieve a list of followings on behalf of the end user.
Can you please help us with getting this “OAuth token secret”?
Does that sounds like a proper flow ?
The integration level do seem to be pretty complex for such a simple API call.
Thanks in advance.
