I’m playing around with adding user authentication on my website using OAuth. I’m using Twitter as the website to authenticate against.
When I accept the app on the Twitter site, I get bounced back to my website perfectly. Then I need to do something with the Tokens that come back. Looking at some demo code, the code stores the response.Token and the response.TokenSecret in memory (which is NOT recommended). It’s recommended to store these in a database or some persistent storage.
Why?
What are they used for?
Are they associated to any users at all? I don’t understand the relationship with the workflow and also with users.
thanks 🙂
Should your application require access to a user’s protected Twitter resources, it will have to use the user’s info (access token & token secret) along with your application’s info (consumer key and consumer secret). If you store the user’s info in a persistent storage space and you share this and your consumer secret with the world, then a malicious hacker can spam your user’s account.
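Worked example, added here and not part of the question or the answer above: OAuth 1.0a request signing with HMAC-SHA1, which is what the answer means by "using the user's info along with your application's info". The access token names which user authorized the app, and the token secret is joined with the consumer secret to form the HMAC key; the provider recomputes the signature from its own copy of both secrets, looked up by `oauth_consumer_key` and `oauth_token`. The endpoint URL, keys and secrets are constructed placeholders, and `server_verify` is a simplified model of what the provider does (no nonce or timestamp replay checks).

```python
"""OAuth 1.0a request signing (HMAC-SHA1). Added example, not from the original
post; the endpoint, keys and secrets below are constructed values, not real
Twitter credentials."""
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qsl, quote, urlsplit

# Constructed credentials (placeholders, not real).
CONSUMER_KEY = "app-consumer-key"
CONSUMER_SECRET = "app-consumer-secret"
ACCESS_TOKEN = "user-access-token"          # identifies which user authorized the app
ACCESS_TOKEN_SECRET = "user-token-secret"   # half of the signing key; keep server-side


def pct(s: str) -> str:
    """RFC 3986 percent-encoding as OAuth 1.0a requires (only A-Z a-z 0-9 - . _ ~ kept)."""
    return quote(str(s), safe="-._~")


def signing_key(consumer_secret: str, token_secret: str) -> str:
    """The HMAC key is both secrets joined by '&'. Neither alone can sign anything,
    which is why the token secret must be stored per user, not hard-coded."""
    return f"{pct(consumer_secret)}&{pct(token_secret)}"


def base_string(method: str, url: str, params: dict) -> str:
    """Signature base string: METHOD & encoded base URL & encoded normalized params.
    Query-string parameters are folded into the parameter set, as the spec requires."""
    parts = urlsplit(url)
    base_url = f"{parts.scheme.lower()}://{parts.netloc.lower()}{parts.path}"
    all_params = {**dict(parse_qsl(parts.query, keep_blank_values=True)), **params}
    normalized = "&".join(
        f"{k}={v}" for k, v in sorted((pct(k), pct(v)) for k, v in all_params.items())
    )
    return f"{method.upper()}&{pct(base_url)}&{pct(normalized)}"


def hmac_sha1_b64(key: str, message: str) -> str:
    """HMAC-SHA1 over the base string, base64-encoded as OAuth expects."""
    digest = hmac.new(key.encode(), message.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def sign(method, url, body_params, consumer_key, consumer_secret, token, token_secret,
         nonce=None, timestamp=None) -> dict:
    """Client side: return the oauth_* parameters, including the signature, for one request."""
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce or secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp or int(time.time())),
        "oauth_token": token,
        "oauth_version": "1.0",
    }
    bs = base_string(method, url, {**body_params, **oauth})
    oauth["oauth_signature"] = hmac_sha1_b64(signing_key(consumer_secret, token_secret), bs)
    return oauth


def authorization_header(oauth: dict) -> str:
    """Format the oauth_* parameters as an 'Authorization: OAuth ...' header value."""
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(oauth.items()))


def server_verify(method, url, body_params, oauth, consumer_secret, token_secret) -> bool:
    """Provider side (simplified): recompute the signature from the provider's own copy
    of both secrets, which it finds via oauth_consumer_key and oauth_token, and compare
    in constant time. Replay protection (nonce/timestamp tracking) is omitted here."""
    presented = oauth["oauth_signature"]
    unsigned = {k: v for k, v in oauth.items() if k != "oauth_signature"}
    bs = base_string(method, url, {**body_params, **unsigned})
    expected = hmac_sha1_b64(signing_key(consumer_secret, token_secret), bs)
    return hmac.compare_digest(presented, expected)


def demo():
    """Sign one request and show what the provider accepts and rejects."""
    url = "https://api.example.com/1.1/statuses/update.json"   # constructed endpoint
    body = {"status": "Hello from a signed OAuth request!"}
    oauth = sign("POST", url, body, CONSUMER_KEY, CONSUMER_SECRET,
                 ACCESS_TOKEN, ACCESS_TOKEN_SECRET)
    ok = server_verify("POST", url, body, oauth, CONSUMER_SECRET, ACCESS_TOKEN_SECRET)
    # Body changed after signing: the signature no longer matches.
    tampered = server_verify("POST", url, {"status": "changed"}, oauth,
                             CONSUMER_SECRET, ACCESS_TOKEN_SECRET)
    # Same consumer secret but a different user's token secret: also rejected.
    wrong_user = server_verify("POST", url, body, oauth, CONSUMER_SECRET, "other-users-secret")
    return ok, tampered, wrong_user


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The `wrong_user` case is the point of the answer: a request signs correctly only when the consumer secret and that user's token secret are both present, so whoever holds both can act as the user. The persistent store the question asks about should therefore keep each token pair in a row tied to your own user record, readable only by the server, and never ship the consumer secret to browsers or mobile clients.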