Yes, when a user tries to access the site via twitter app for the first time, he/she has that option. When a user “authorize app”, every time they try to login to the site, redirect from twitter happens automatically (you don’t have to ‘authorize’ every time) and from time to time they get ‘code’ => ‘access_denied’
