Oauth/authorize endpoint no longer showing an interstitial screen for users that have authorized the app token use

n8whnp · 2017-12-05T17:43:57.471Z

Hello,

In this thread it was announced that twitter had changed the behavior of the oauth/authorize API endpoint to show an interstitial screen each time a user is directed to that endpoint as part of a oauth handshake:

Recent changes to Twitter’s OAuth login flow and API endpoints Announcements

Change On September 29th 2017, a change was made to Twitter’s backend OAuth API endpoints which altered the behaviour of the /oauth/authenticate endpoint to match that of the /oauth/authorize endpoint. This change was made as a safety measure to protect our users, and to ensure that they understand which applications are requesting the use of their Twitter authentication tokens and the permissions that are being granted. Impact Applications that previously called the /oauth/authenticate endp…

In the past two days we’ve observed that the behavior has changed and now when users that have previously authorized an app to receive their user token are redirected back the originating app.

Three quick questions:

Was this an intentional change?
What behavior should we expect going forward?
What is the best way to keep informed about changes to the API endpoint behavior?

Connexinet · 2017-12-21T00:28:06.672Z

I Second this question.
We have implemented workarounds to reduce the impact of the previous change, and we would like to know if this is permanent, and if we should remove these workarounds and go back to the original implementation, since it was more secure.
Andy, can you help?