I don't normally do "web programming", but now that I have to do some of it, I have to ask: how did this end up being the security standard? (OAuth 2.0, example from PayPal's API)pic.twitter.com/nHXqajAiej
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
I was just referring to this “If instead you passed merely a signature of the request signed using the secret, then any breach leaks only the specific token, and not the entire client authority.”
Then I think you may have misunderstood. PayPal still issues the same token. The only difference is that the initial request to PayPal uses a signature instead of passing the actual key directly.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.