MediaWiki currently provides only "authorize" endpoint, but this means that users have to confirm the application again and again. By providing "authenticate" endpoint, users could just "sign in" and get immediately redirected back, without having to confirm anything, if all permissions are still same, and user has not revoked the application.
See Twitter documentation for more information: https://dev.twitter.com/docs/api/1/get/oauth/authenticate
Version: unspecified
Severity: normal