Twitter is a sign-in identity provider too... And revoking access at Twitter or deleting your account does not necessarily break that delegation token...
I trust their security team made this happen. But it's not intrinsic.
If you've ever "Logged in" to a website or app with Twitter, you created an account with a secret Twitter holds on its servers. You don't sign in with your Twitter account. You sign in with an OAUTH token Twitter owns.
Follow
@SwiftOnSecurity I can't retoot it hard enough. Another feather in the imaginary cap of #VerifiableCredentials.
