@slipstream - Well that sucks. Guess I’ll delete it now.
@tinker Don't forget to revoke it from your authorized apps, too.
Re: OAuth tokens. Thinking about it like a tool developer: Say if you are developing a distributed scraper say for loadbalancing, you don't want to bother the user to submit a new auth code every time you switch to a new worker.
So now, where do you store the access token? A centralized server?
But yes, no one prevents you to have a range of different clients under the same client id/secret -- so you can re-use the token.
I am waiting for involuntary scam toots of my friends to come and haunt me.
I personally would discourage from entering your password into any client you did not write yourself. Otherwise sooner or later a toxic app taking control of your account.
(I swear I am a nice person who would never do such a thing)
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!