OAUTH authorization for desktop clients


For a desktop application user should enter PIN number issued by Twitter only once when allows application to get access to her/his data? Or user will be required to enter new PIN for every new session?


Technically, they need to only enter it once and then you persist the access token and utilize it in subsequent requests. How you handle this personally though depends on what kind of session management you have in your application and whether persisting the access token makes sense for the type of app you have.