2
votes

We are using the OAuth 1.0 authentication flow with the Twitter API. This basically comes down to this spec: http://oauth.net/core/1.0/#anchor9.

We created the app and started to get users. Later we implemented Signup with Twitter, where we now require the user's email address from the API. We asked Twitter and the request was granted. It works, great.

Now we have an issue with existing users, because they authorized the app before we had that email permission, and with their existing access token, Twitter doesn't give us that.

Twitter writes in their documentation (https://dev.twitter.com/rest/reference/get/account/verify_credentials):

Note

Your app will need to regenerate the user access tokens for previously authenticated users to access their email address.

How can this be done?

When we delete the corresponding data (token and secret) on our side and ask for new auth, it doesn't have any effect. Twitter always gives us the same token and secret again, and with that, no email address in the account/verify_credentials call.

The only way we found that works is to log into Twitter and revoke access to the app. Then we get a new token and secret, which gives us access to what we want.

But we don't want to tell our users to do that; we would rather do this programmatically using the API. How?

1 Answer

0
votes

Try to request a new/different permission from the users:

What if I want to request a different level of access for my application instead of the one my application is registered with? You can do this now by using the x_auth_access_type parameter during the request_token phase. Using this parameter you can request a read or a read/write token even if your application is registered for read/write/direct messages.

More information on this method is in our developer documentation:

http://dev.twitter.com/oauth/reference/post/oauth/request_token