I just got an email from twitter saying my keys have now been enabled for reverse auth so I git cloned the following project : https://github.com/seancook/TWiOS5ReverseAuthExample
and swapped the keys there. I tried running the demo and it seems to work and I don't get any errors but the response I get back from twitter is an empty json. I got no clue what is wrong since an empty json means nothing.
Anyone had any luck with this? Greatly appreciated.
On
In normal authentication, you enter a password and the website verifies you are the correct user. In reverse authentication the website gives you a password or pass-phrase and you verify you are at the correct website.
When you set a Reverse Authentication Pass Phrase, twitter.com will show you this pass phrase after you enter your username & password, but before you enter your encryption key, each time you login. This verifies that you have reached the authentic twitter.com website. If you were somehow misled to another website which looked similar to twitter.com the impersonating website would not be able to give you the correct Reverse Authentication Pass Phrase, set by you. This protects you, your encryption key, and your passwords.
A Reverse Authentication Pass Phrase can be anything you want; a word, a phrase, a positive message, or something silly.
Examples:
I love my dog scruffy, Eight Six Seven Five Three Oh Nine, Blue Monkey Mine Shaft, or anthing you wish
How to use reverse authentication click here
This might sound silly, but check that you haven't reversed your CONSUMER_KEY with your CONSUMER_SECRET. I did this without looking close enough and couldn't figure out what was wrong, but it was the same response that you are getting. Once I noticed it everything worked perfectly.