I have a fair understanding of how to implement the OAuth protocol and how it works with the user experience and user flow. However, after all the authentication and granting of access to my application is done and complete, what can I store about the user within my application database? For example, some of my application’s functions require a user’s email address. So, can I store a user’s registered twitter email address in my application’s database? If not, do I have to hit up Twitter’s API each time I want that email address? If that is the case, won’t I need to store some type of identifier in my database for users who logged in with the Twitter API? What identification information can I store within my own database?
Any pointers, tips, or suggestions to help me with this question are greatly appreciated!
Thank you for your time and help.