You know that observation Admiral Grace Hopper made?
“Life was simple before World War II. After that, we had systems.”
I think one of the things not often taught to programmers or covered in books is how obscure things can get when systems go interoperable. I was having a hard time getting the sign-on, sign-off behavior promised in the Microsoft Live SDK to work. One thing you do when logging in is pass whatever scopes you need, such as access to SkyDrive or Hotmail. It turns out that whenever you first do this, Live saves a profile for the app, including all the scopes (which the user has consented to). Later, when the hapless programmer is vainly trying various combinations of scopes, unbeknownst to him or her it doesn’t matter because Live doesn’t update the profile.
I happened to come across a post on the MSDN site mentioning that what you have to do is visit https://consent.live.com and remove those scopes (or to be on the safe side, the entire app) from whatever logins you’ve used for testing, e.g:
Then the next time you login from an app, the current scopes will be used. The one scope to avoid, at least with the button control for Windows Phone, is wl.signin. One I know to keep is wl.offline_access, which helps avoid having to login every time.