I just implemented sign in with twitter for my webapp. At the end of the OAuth 3-legged flow, I needed to retrieve the screenname & avatar pic for the user. All I had was the twitterid e.g. 3546735
So I performed a GET http://twitter.com/users/show/3546735.json No security is required for this method, although it is rate-limited.
Recently I've read about another api method called verify credentials
Why should I call this compared to the simple GET above ?
It's of little use to you since you're already doing OAuth. It would provide the credentials in a single request, which can be easier to implement in some applications. Stick with OAuth if you've already done the work.
I believe the verify credentials approach is being phased out. OAuth seems to be the preferred approach.
One use of account/verify_credentials for OAuth is it gets the logged in users profile information without affecting the rate limit.
Update: verify_credentials now counts against the users rate limit.