Oauth Verification Pin not Required?


So I am writing a C# app in Visual Studio. In it, I have an Oauth verification process.

Someone clicks SIGN IN, and it pops open their web browser and asks them to verify the app. When they do this, naturally Twitter will give them a PIN.

Now, the user puts the PIN into the text field and clicks AUTHORIZE and the app is linked. Works great.

However, what I noticed is that if the user doesn’t put anything in the text field for the PIN, or just types gibberish, the app still links, and still works. So wahts the purpose of the PIN?