PIN-based authorization

The PIN-based OAuth flow is intended for applications which cannot access or embed a web browser in order to redirect the user to the authorization endpoint. Examples of such applications would be command-line applications, embedded systems, game consoles, and certain types of mobile apps.


The PIN-based flow is implemented in the same exact way as Implementing Sign in with Twitter  and 3-legged Authorization, with the only difference being that the value for oauth_callback must be set to oob during the POST oauth / request_token call.

Once your application has obtained either a GET oauth/authenticate or GET oauth/authorize URL, display the URL to the user so that they may use a web browser to access Twitter.

When an oob callback is requested and the user visits Twitter, they will not be automatically redirected to the application upon approving access. Instead, they will see a PIN code, with instructions to return to the application and enter this value.