Yes, it’s required to ask for permission from the API policy team through api@twitter.com – include as many details about how Twitter is used in your application and why xAuth is the best solution for you. Include links to screen shots of Twitter functionality within your application.
To prepare for xAuth, consider the OAuth sequence you’ve developed:
- Request a request token on oauth/request_token
- Send the user to oauth/authorize with the request token
- Receive PIN from user
- Exchange request token for access token using PIN on oauth/access_token
- Use access token for requests to the API
The xAuth sequence is simplified to:
- Request access token using username and password from oauth/access_token
- Use access token for requests to the API
