Re-authentication

oauth

#1

Hello,

I need some API for my app to confirms a person’s identity after checking previously. My app should asks a person to re-enter their Twitter password at any time. This is to prevent cases where a user leaves a device logged in or where a third party hijacks someone’s session with your app.

Ideally this mechanism should use an authentication nonce.

I’ve searched in API documentation but I don’t find anything useful. There is something similar?


#2

Twitter pretty much just has the one method for authenticating users. If you are not confident a user is who you think they are you should send them back through the OAuth flow.