I need help with Twitter API v1.1

Question

FarrisFahad 103 Junior Poster

9 Months Ago

I am trying to create my first successful API request.
I want to post on my twitter account.
I have created the developer account and generated consumer key and secret as well as access token and secret.
I have also obtained the bearer token.

I want to post on Twitter using the 1.1 version API.
I want to do it with no framework or library. Just good old cURL and PHP.

Here is what I have come up with ...

$api_endpoint = "https://api.twitter.com/1.1/statuses/update.json";
$authorization = "Authorization: OAuth oauth_consumer_key=\"{$settings['consumer_key']}\", oauth_consumer_secret=\"{$settings['consumer_secret']}\", oauth_token=\"{$settings['access_token']}\", oauth_token_secret=\"{$settings['access_token_secret']}\"";

$status = 'Hello World';

$ch = curl_init();

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json' , $authorization ));
curl_setopt($ch, CURLOPT_URL, $api_endpoint);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
   'status' => $status
]);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

$response = curl_exec($ch);

curl_close($ch);

$result = json_decode($response, true);
print_r($result);

It's returning: Array ( [errors] => Array ( [0] => Array ( [code] => 215 [message] => Bad Authentication data. ) ) )

api php social-media

3 Contributors
5 Replies
82 Views
3 Days Discussion Span
Latest Post 9 Months Ago Latest Post by Dani

pritaeas 2,194 ¯\_(ツ)_/¯

9 Months Ago

https://developer.twitter.com/en/docs/twitter-api/getting-started/make-your-first-request

You Authorization header is wrong, please reread the documentation. It should look like this:

Authorization: BEARER <your_bearer_token>

Edited 9 Months Ago by pritaeas

Dani 4,312 The Queen of DaniWeb

9 Months Ago

It seems as if you have to use OAuth to authenticate on behalf of your user (or whomever you want your application to post tweets on the behalf of). How did you generate the authorization bearer_token? It seems as if that's just a token to authenticate on behalf of your app, not on behalf of an end-user of your app/Twitter, which is what you need to do here.

When I go here I see that they offer four different authentication methods. It looks like OAuth 1.0a as well as OAuth 2.0 Authorization Code Flow with PKCE are the two that allow you to authenticate on behalf of a Twitter account.

Do you have experience with using OAuth to authenticate on behalf of an end-user?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

FarrisFahad 103 Junior Poster Premium Member · Answer 1 · 2024-01-19T12:17:39+00:00

I am trying this but it returns an error ...

$api_endpoint = "https://api.twitter.com/2/tweets";
$authorization = "Authorization: Bearer {$settings['bearer_token']}";

$text = 'Hello World';

$ch = curl_init();

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json' , $authorization));
curl_setopt($ch, CURLOPT_URL, $api_endpoint);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
   'text' => $text
]);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

$response = curl_exec($ch);

curl_close($ch);

$result = json_decode($response, true);
print_r($result);

Array ( [title] => Unsupported Authentication [detail] => Authenticating with OAuth 2.0 Application-Only is forbidden for this endpoint. Supported authentication types are [OAuth 1.0a User Context, OAuth 2.0 User Context]. [type] => https://api.twitter.com/2/problems/unsupported-authentication [status] => 403 )

Do I need to use consumer key and secret? or access token and secret? How should I use them.
I am sorry but I am new to APIs

Dani 4,312 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 2 · 2024-01-19T18:02:45+00:00

Here's a document on how to use OAuth 1.0a: https://developer.twitter.com/en/docs/authentication/oauth-1-0a/obtaining-user-access-tokens

That's what you need.

Dani 4,312 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 3 · 2024-01-19T23:52:44+00:00

OK, so I have some more time right now to explain in greater detail. When you post a tweet, you're app is basically acting on behalf of an end-user. Twitter, or X, or whatever they call themselves now, needs your end-user to go through the process of authenticating and then authorizing your app to tweet on their behalf ... kinda like Sign In with Facebook or Sign In with Google type of thing.

So an end-user of your app will click a link within your app to connect your app to twitter. They will then be redirected to twitter to authenticate (e.g. log into their twitter account, if they aren't already logged in). They'll then be asked to authorize your app to tweet on their behalf. They'll click accept, and it will redirect back to your app along with an access token. Your app can then use that access token in the cURL request to tweet.