I have an application that is only used for sign in with twitter. It has been granted access to twitter users email addresses.
This was working fine via verify_credentials until i generated a new secret consumer key for my app. and tested a post to twitter function through it.
Now i am not being given the email address despite everything being exactly the same on our website (we have obviously replaced the old key for the new one). the request to verify_credentials is otherwise successful and returns data. and i have lowered the permission request to RO (from RW for testing posting) to make things exactly how they were.
It feels like there is something wrong with the twitter app, its key, or its permissions - perhaps some kind of caching?
What really makes me think this is that since regenerating the key - some users are now asked to authenticate every time they login. This creates several apps with the same name in the users settings/apps page.every time they authenticate. very strange!
Any help would be appreciated.