I'm aware that access is returned as X-Access-Level header in response to API requests. But I noticed read-write is returned for both Read and Write and Read, Write and Direct Messages. So, how do I know if the app has access to Direct Messages as well?
Testing with the Apigee Twitter console I get x-access-level:
read-write-directmessages as a response header. The access token granted for the account you are testing likely doesn't have DM access granted. Try revoking the access token and authorizing it again.