There are two URLs twitter offers for applications requesting an OAuth token:
/oauth/authenticate
and /oauth/authorize
. When an application directs users to the authorize endpoint - Twitter will request the user to authorize the application EVERY time they log-in. The authenticate endpoint will request authorization once and then any subsequent log-ins to Twitter will seamlessly pass-through to the application callback. This is more traditionally known as "signing in with your Twitter account".
In Scribe, the default is authorize - to change this to authenticate you need 2 things:
- Ensure the Allow this application to be used to Sign in with Twitter setting is checked in your Twitter application settings page.
- In your application - when you specify the Scribe API class to use - instead of using
org.scribe.builder.api.TwitterApi.class
change this toorg.scribe.builder.api.TwitterApi.Authenticate.class
Now your application will direct users to sign-in to the /oauth/authenticate
endpoint and, if they have authorized your application at least once, they will just get passed through.
Edit: Additional documentation - https://dev.twitter.com/docs/api/1.1#102