So, it’s entirely possible I’ve got some of this process wrong, correct me if I have.
I have a client mobile application (iOS, Android, Windows Phone) which connects to a RESTful API ( node.js, mongo ).
If I want to OAuth a twitter user so I can pull their data server side do some stuff, create an account with their data, I should be using Reverse Auth, except this is only available for iOS correct?
Regarding client secrets, I assume aside from wrapping the oauth/authenticate on my server, I’ll need to bake my secrets into the app?
Cheers
