Permissions to Read, Write and Direct Message for app only, not 3rd party users



I’d like full permissions for my web service to access its own twitter account’s direct messages, but for 3rd party (users of my web service) I only need read permissions for sign-in to my site.

Do I need to define two different “apps” with different sets of permissions to accomplish this?



Yes, you’d need to use different keys to achieve this.