Why does my app need permission granted every time the user authenticates through OAuth?


#1

According to https://dev.twitter.com/docs/auth/implementing-sign-twitter “If the user is signed in on twitter.com and has already approved the calling application, they will be immediately authenticated and returned to the callback URL with a valid OAuth request token. The redirect to twitter.com is not obvious to the user.” However, I am forced to agree to permissions for the app every time I authenticate and not redirected. I can successfully use the API after each grant so I know the access token is properly received, and I even checked my app authorizations to confirm my app is listed. Why would I be required to permissions every time I authenticate instead of being redirected automatically?


#2

Are you using https://api.twitter.com/oauth/authenticate (rather than oauth/authorize) when invoking this flow? Is an already existent twitter.com session present when the user lands on that page? Are you asking for RW permissions or RW+DM permissions (only RW and RO permissions are supported in this flow). Are there any other parameters you’re passing that might force login?


#3

Ahhh, I was using authorize instead of authenticate…


#4

oauth/authorize will always display this dialogue. Use oauth/authenticate to receive the behavior you’re looking for.


#5

i am using tweepy. what should I do to solve the same problem?


#6

Confirm this, from the https://dev.twitter.com/docs/auth/implementing-sign-twitter

To use the “Sign in with Twitter” flow, please go to your application settings and ensure that the “Allow this application to be used to Sign in with Twitter?” option is enabled.


#7

Same error here: using /authorize instead of /authenticate. Thanks for help :slight_smile:


#8

Similar problem:

Whenever I call
https://api.twitter.com/oauth/authenticate?oauth_token=ipRd70H5ktMJLNKHhBSMEYDLjjBYvbEoqPNcrUgtBY
I get redirected to
https://api.twitter.com/oauth/authorize?oauth_token=ipRd70H5ktMJLNKHhBSMEYDLjjBYvbEoqPNcrUgtBY

What’s the reason for this? of course, I already authorized the app.