so say I make a self hosted app that uses the twitter api. I get a token and store it within the app somewhere. does this mean that other self hosted apps that use the twitter api will be able to make calls with my token if they were to somehow gain access to the token?
assume all apps are on the same domain