OAuth 2.0 Tokens and Twitter API: Everything You Need to Know

Abhiruchi Chaudhari
4 min read · Apr 19, 2023


OAuth2 flow for Twitter

+--------+                                       +---------------+
|        |--(A)---- Authorization Request ------>|               |
|        |                                       |               |
|        |<-(B)----- Authorization Grant --------|               |
|        |                                       | Authorization |
|        |--(C)----- Authorization Grant ------->|    Server     |
| Client |                                       |               |
|        |--(D)---- Access Token Request ------->|               |
|        |                                       |               |
|        |<-(E)-------- Access Token ------------|               |
|        |                                       +---------------+
|        |
|        |                                       +---------------+
|        |--(F)-------- Access Token ----------->|   Resource    |
|        |                                       |    Server     |
+--------+                                       +---------------+

(A) and (B) are the browser trip to Twitter's authorize page and the redirect back with the authorization code (step 9 below); (C), (D) and (E) are the exchange of that code for an access token at the token endpoint (step 10); (F) is every API call made with the token (step 11). The token endpoint belongs to the authorization server, not to the resource server that serves the API data.

Steps:

1. Create a Twitter developer account and verify your phone number.

2. Enter your use case and agree to the developer terms.

3. You are taken to the developer dashboard with a project already created for you.

4. Click Keys & tokens. Under Consumer Keys, regenerate the API Key & Secret; under Authentication Tokens, generate the Bearer Token and the Access Token & Secret. Save them for later: the portal shows each secret only once, and they belong in a secrets manager or an untracked .env file, never in source control.

5. Open the project in the developer portal and set up user authentication.

6. Set App permissions to Read and write and Direct message. This is the ceiling for what a user can grant; request only the scopes you actually need in step 9 (the read-only calls below need no write permission).

Type of App -> Native App (a public client: the token request in step 10 sends no client secret, which is why the PKCE parameters matter there).

7. In App info, add http://127.0.0.1 as the Callback URI. A loopback address is the usual choice for a native app; you will read the code straight out of the browser's address bar.

A Website URL is also required. One that works is the app's own portal page as shown in your browser:

https://developer.twitter.com/en/portal/projects/1648328711593181184/apps/26952311/auth-settings

with the trailing auth-settings changed to settings:

https://developer.twitter.com/en/portal/projects/1648328711593181184/apps/26952311/settings

Save the settings.

8. On completing these steps you get an OAuth 2.0 Client ID and Client Secret. Only the Client ID is used by the public-client flow below; keep the secret out of source control anyway.

9. Put the Client ID from step 8 into the following URL and open it in a browser:

https://twitter.com/i/oauth2/authorize?response_type=code&client_id=<client-id>&redirect_uri=http://127.0.0.1&scope=tweet.read%20users.read%20follows.read%20offline.access&state=state&code_challenge=challenge&code_challenge_method=plain

The values state=state and code_challenge=challenge are placeholders and are only acceptable for a one-off manual test. In a real client both must be fresh, unguessable values generated per authorization attempt: state is echoed back on the callback and must be compared with the one you sent (otherwise an attacker can trick you into completing their authorization instead of yours), and the PKCE challenge should be the S256 hash of a random code_verifier rather than method plain, so that someone who sees the authorization request or the redirect does not learn the verifier needed to redeem the code. The redirect_uri must match the Callback URI registered in step 7 exactly.

You will be asked to authorize the app so that it can access your Twitter data on your behalf; the consent screen lists the requested scopes.

Once you approve, Twitter redirects the browser to the callback URI with the state and the authorization code in the query string, like this:

http://127.0.0.1/?state=state&code=TEsjdajdbhahbMQm92ODE4MzAzNzI2Nzc6MToxOmFjOjE

Unless something is listening on 127.0.0.1, the browser shows a connection error, but the URL in the address bar still holds the code. Check that the returned state equals the one you sent before using the code.

Tip: The authorization code expires 30 seconds after it is issued, so have the token request from step 10 ready before you click Authorize.

10. Generate an access token

Within 30 seconds of getting the code, POST it to https://api.twitter.com/2/oauth2/token together with the Client ID, the same redirect_uri, and the code_verifier. Because the app is a public client there is no client secret in this request; the verifier must be the value whose challenge you sent in step 9 (with method plain, as above, that is the challenge string itself). No cookies are needed, only the form body:

curl --location 'https://api.twitter.com/2/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'code=<authorization-code>' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id=<client-id>' \
--data-urlencode 'redirect_uri=http://127.0.0.1' \
--data-urlencode 'code_verifier=challenge'

You get a JSON response of the following shape:

{
"token_type": "bearer",
"expires_in": 7200,
"access_token": "WWxlQnkzdWczMmdUZXo4d2514MTY6MToxOmF0OjE",
"scope": "users.read follows.read tweet.read offline.access",
"refresh_token": "X0ZaTWJHBvRGZselk3bGZNa1dZMHlBOjE2ODE4MzA5NTEnJ0OjE"
}

The access token is a bearer credential valid for expires_in seconds (two hours here); anyone holding it can act within the granted scopes, so store it like a password and never log it. The refresh_token is present only because offline.access was requested; it lets you obtain a new access token without sending the user back through the browser, and is therefore even more sensitive than the access token.
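Steps 9 and 10 as a small script, with the two placeholders replaced by what a real client must do: a random state that is checked on the callback, and an S256 PKCE pair instead of code_challenge_method=plain with a fixed value. This is an added example written for this page (Python, standard library only), not code from the original article or from Twitter. The client ID, the loopback callback and the scope list are placeholders matching the article's app settings, and exchange_code is the only function that talks to the network.

```python
"""Twitter OAuth 2.0 authorization-code flow with PKCE (S256) and a random
state, replacing the fixed placeholders in the article's authorize URL.
Added example: standard library only, not the article's or Twitter's code."""
import base64
import hashlib
import json
import secrets
import urllib.parse
import urllib.request

AUTHORIZE_URL = "https://twitter.com/i/oauth2/authorize"
TOKEN_URL = "https://api.twitter.com/2/oauth2/token"
REDIRECT_URI = "http://127.0.0.1"   # must match the Callback URI registered in the app
SCOPES = ["tweet.read", "users.read", "follows.read", "offline.access"]


def b64url(raw: bytes) -> str:
    """base64url without padding, the encoding PKCE expects."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_pkce_pair(verifier=None):
    """Return (code_verifier, code_challenge) for the S256 method (RFC 7636).
    A fresh verifier is 32 random bytes -> 43 base64url characters."""
    if verifier is None:
        verifier = b64url(secrets.token_bytes(32))
    challenge = b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return verifier, challenge


def build_authorize_url(client_id: str, state: str, challenge: str) -> str:
    """The step-9 URL, but with a per-request state and an S256 challenge."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(SCOPES),
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    # quote_via=quote encodes spaces as %20, as in the article's URL
    return AUTHORIZE_URL + "?" + urllib.parse.urlencode(params, quote_via=urllib.parse.quote)


def parse_callback(callback_url: str, expected_state: str) -> str:
    """Pull the authorization code out of the http://127.0.0.1/?state=...&code=...
    URL the browser lands on. The state check stops an attacker from making
    you complete *their* authorization (login CSRF)."""
    query = urllib.parse.parse_qs(urllib.parse.urlparse(callback_url).query)
    if query.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: stale or forged callback, discard it")
    if "error" in query:
        raise ValueError("authorization refused: " + query["error"][0])
    return query["code"][0]


def token_request_body(client_id: str, code: str, verifier: str) -> bytes:
    """Form body for the token endpoint. A Native App is a public client, so
    there is no client secret; the code_verifier is what proves this is the
    same client that started the flow."""
    return urllib.parse.urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,
        "code_verifier": verifier,
    }).encode("ascii")


def exchange_code(client_id: str, code: str, verifier: str) -> dict:
    """Network call: redeem the code within its 30-second lifetime."""
    req = urllib.request.Request(
        TOKEN_URL,
        data=token_request_body(client_id, code, verifier),
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


if __name__ == "__main__":
    client_id = "<client-id>"                    # placeholder from step 8
    verifier, challenge = make_pkce_pair()
    state = secrets.token_urlsafe(16)            # unguessable, one per attempt
    print("Open in a browser:\n" + build_authorize_url(client_id, state, challenge))
    landed = input("Paste the http://127.0.0.1/?... URL from the address bar: ")
    code = parse_callback(landed, state)
    tokens = exchange_code(client_id, code, verifier)
    print(json.dumps(tokens, indent=2))          # access and refresh tokens are secrets
```

The verifier never leaves the machine until the token request, so a code captured from the redirect is useless on its own; with method plain the verifier equals the challenge that was already visible in the authorize URL, which is what the script avoids.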

11. Access Twitter data using the access token

Send the token in the Authorization header; no cookies are needed.

  • Get a single Tweet by Tweet ID
curl --location 'https://api.twitter.com/2/tweets/1307290179556630528' \
--header 'Authorization: Bearer <access-token>'

JSON response:

{
"data": {
"edit_history_tweet_ids": [
"1307290179556630528"
],
"id": "1307290179556630528",
"text": "Brothers in the air 😃 @ABdeVilliers17 https://t.co/hf0oeB9Z0h"
}
}
  • Get multiple Tweets by Tweet ID (the ids parameter is one comma-separated list; %2C is the URL-encoded comma)
curl --location 'https://api.twitter.com/2/tweets?ids=1579329448390037504%2C1307290179556630528%2C1575743933799243777%2C1576643915322564609%2C1579397173464117249%2C1579324694041591808' \
--header 'Authorization: Bearer <access-token>'

The accompanying collection contains curl requests for looking up Tweets, users by ID or username, a user's followers or following, list Tweets, list members, creating and deleting Tweets, recent search, full-archive search, liked Tweets, and more.
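Step 11, and the two-hour expires_in from step 10, as a small client that sends only the Authorization header, tracks when the access token runs out, and uses the refresh token (grant_type=refresh_token at the same token endpoint, which is what the offline.access scope buys you) when the token has expired or the API answers 401. This is an added example written for this page, not code from the article; the transport is an injectable callable so the refresh logic can be exercised offline, and token.json and the client ID are placeholders.

```python
"""Bearer-token client for the Twitter API v2 calls above, with expiry tracking
and refresh-token handling. Added example: standard library only, not the
article's code."""
import json
import time
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://api.twitter.com/2/oauth2/token"
API_BASE = "https://api.twitter.com/2"
EXPIRY_SKEW = 60   # refresh a minute early so an in-flight call never uses a dead token


def urllib_send(method, url, headers, body=None):
    """Real transport: returns (HTTP status, decoded JSON body)."""
    req = urllib.request.Request(url, data=body, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, json.load(err)


class TwitterClient:
    def __init__(self, client_id, token_response, send=urllib_send, now=time.time):
        self.client_id = client_id
        self.send = send            # injectable transport (stubbed when testing offline)
        self.now = now
        self.refresh_token = None
        self._install(token_response)

    def _install(self, tok):
        """Adopt a token response. A refresh response may carry a new refresh
        token (rotation), so keep whichever one came last."""
        self.access_token = tok["access_token"]
        self.refresh_token = tok.get("refresh_token") or self.refresh_token
        self.expires_at = self.now() + float(tok.get("expires_in", 0))

    def token_expired(self):
        return self.now() >= self.expires_at - EXPIRY_SKEW

    def refresh(self):
        """Public client: only client_id and the refresh token, no secret."""
        if not self.refresh_token:
            raise RuntimeError("no refresh token; request offline.access and redo the flow")
        body = urllib.parse.urlencode({
            "grant_type": "refresh_token",
            "refresh_token": self.refresh_token,
            "client_id": self.client_id,
        }).encode("ascii")
        status, payload = self.send(
            "POST", TOKEN_URL, {"Content-Type": "application/x-www-form-urlencoded"}, body)
        if status != 200:
            raise RuntimeError("refresh failed (%s): %s" % (status, payload))
        self._install(payload)

    def get(self, path, params=None):
        """GET /2/<path>. Only the Bearer header goes out; no cookies are needed."""
        if self.token_expired():
            self.refresh()
        url = API_BASE + "/" + path
        if params:
            url += "?" + urllib.parse.urlencode(params)
        headers = {"Authorization": "Bearer " + self.access_token}
        status, payload = self.send("GET", url, headers)
        if status == 401 and self.refresh_token:   # revoked or expired early: one retry
            self.refresh()
            headers["Authorization"] = "Bearer " + self.access_token
            status, payload = self.send("GET", url, headers)
        if status != 200:
            raise RuntimeError("GET %s -> %s: %s" % (path, status, payload))
        return payload

    def tweet(self, tweet_id):
        return self.get("tweets/" + tweet_id)

    def tweets(self, ids):
        """Multi-lookup: the ids parameter is a single comma-separated list."""
        return self.get("tweets", {"ids": ",".join(ids)})


if __name__ == "__main__":
    with open("token.json") as fh:                # the step-10 JSON, saved by you
        saved = json.load(fh)
    client = TwitterClient("<client-id>", saved)  # placeholder client id
    print(json.dumps(client.tweet("1307290179556630528"), indent=2))
```

Refreshing on a 401 is limited to a single retry: if the refresh token itself has been revoked the refresh call raises, and the user has to go back through the browser flow rather than the client looping.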

Troubleshooting

  • If you get an error like this:
{
"client_id": "96251321",
"detail": "When authenticating requests to the Twitter API v2 endpoints, you must use keys and tokens from a Twitter developer App that is attached to a Project. You can create a project via the developer portal.",
"registration_url": "https://developer.twitter.com/en/docs/projects/overview",
"title": "Client Forbidden",
"required_enrollment": "Appropriate Level of API Access",
"reason": "client-not-enrolled",
"type": "https://api.twitter.com/2/problems/client-forbidden"
}

Resolution: Create a Project in the Twitter Developer Portal and attach a developer App to it. Open the project by clicking its name in the Projects & Apps tab and delete the old app. Create a new app, get its keys & tokens, go to App settings, and repeat the steps from step 5 onward.
