You would create a single application. Then each of the users you’d want to tweet on behalf of would sign in to that application, granting it an access token for each user. You then use the appropriate access token to create the tweets.
The “easier way” is insecure and requires the application to know privileged information, like a user’s password.
