OAuth1 third leg step problem

[Whyounes]

The third step of the authorization process is wrong. After getting redirected back from the authorize endpoint we have an oauth_verifier that we pass to the oauth/access_token endpoint to get a token and a token_secret. The main reason behind using OAuth is to avoid app developers asking users for their username and password!!

[omikronn]

Hello @Whyounes, not sure if I completely understand the problem you're outlining, but the token and token_secret are not the same thing as your username and password, they're OAuth credentials (that effectively offer lease-based access to your private resources), and that can be revoked at any time from your Application Settings page on 500px (https://500px.com/settings/applications).