The user is forced to authorize my app each time , I am using oauth2 , API V2

AmrrAdelSalem · 2022-12-06T23:16:48.293Z

the user is forced to authorize my app each time , I am using oauth2 , API V2
I want the user to go directly to the web site if he previously authorized my app. thanks.

stephinami · 2022-12-07T00:30:31.567Z

Hi @AmrrAdelSalem, thanks for your question! Have you considered using a refresh token?

developer.twitter.com

OAuth 2.0 Authorization Code Flow with PKCE

This should allow your app to obtain a new access token without having to prompt the user to authorize the app every time it expires.

fdocr · 2023-01-06T19:52:06.429Z

Hi, I’m experiencing the same issue.

The problem is that we want to use OAuth2 as “Sign in with Twitter” (mentioned in Authorize URL section on that dev docs document you shared @stephinami) so if someone authorizes our app via OAuth2 on their desktop browser, but then tries to “Sign in with Twitter” again on their mobile phone they will encounter the authorization prompt again.

AFAICT we can’t work our way around this with a refresh token provided the first time the user signed in, unless I’m missing something. Other popular OAuth2 providers do work in the way we are expecting (including Twitter OAuth 1.0a) but not Twitter’s OAuth2. Any ideas or suggestions to solve this?