I’m running devices A and B.
Device A can only show data to a user, but there is no user input.
Device A can run multiple Twitter applications from different developers (e.g. using different API Key and API Secret), but using the same interface to communicate with Device B.
Device B is a device for configuring device A.
Device B may run iOS or Android.
Device B has access to all Device A data including Twitter keys and access tokens for all Twitter apps it is running.
Device B can set access tokens for all Device A applications.
Device B will search Tweets and Users.
Device A will search Tweets.
The question is which login method is sufficient for accomplishing user login on Device B for use in both Device B and Device A application.
Twitter provides multiple login methods, like
- OAuth Echo
As far as I see I can get an access token using OAuth and since it will not expire automatically I can pass it to an embedded device’s application. Both devices may use REST API with the same access token, representing a single application. Is that a correct flow or there is a better way?