Authentication
POST oauth/request_token¶
Allows a Consumer application to obtain an OAuth Request Token to request user authorization. This method fulfills Section 6.1 of the OAuth 1.0 authentication flow.
It is strongly recommended you use HTTPS for all OAuth authorization steps.
Usage Note: Only ASCII values are accepted for the oauth_nonce
Resource URL¶
https://api.twitter.com/oauth/request_token
Resource Information¶
Response formats | JSON |
Requires authentication? | No |
Rate limited? | Yes |
Parameters¶
Name | Required | Description | Example |
oauth_callback | required | For OAuth 1.0a compliance this parameter is required . The value you specify here will be used as the URL a user is redirected to should they approve your application’s access to their account. Set this to oob for out-of-band pin mode. This is also how you specify custom callbacks for use in desktop/mobile applications. Always send an oauth_callback on this step, regardless of a pre-registered callback. We require that any callback URL used with this endpoint will have to be whitelisted within the app settings on developer.twitter.com* |
http://themattharris.local/auth.php twitterclient://callback |
x_auth_access_type | optional | Overrides the access level an application requests to a users account. Supported values are read or write . This parameter is intended to allow a developer to register a read/write application but also request read only access when appropriate. |
Learn more about how to whitelist your callback URLs on this page.
Please note - You can manage your existing apps on either apps.twitter.com or, if you have applied or been approved for a developer account, on developer.twitter.com.
We strongly encourage you to read this blog post and to apply for a developer account as soon as possible, as we already require an account to create any new apps and will eventually be requiring an account to manage apps.
Example request¶
Request URL:
POST https://api.twitter.com/oauth/request_token
Request POST Body: N/A
Authorization Header:
OAuth oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw", oauth_callback="http%3A%2F%2Fmyapp.com%3A3005%2Ftwitter%2Fprocess_callback", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849", oauth_consumer_key="OqEqJeafRSF11jBMStrZz", oauth_signature="Pc%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"
Response:
oauth_token=Z6eEdO8MOmk394WozF5oKyuAv855l4Mlqo7hhlSLik&oauth_token_secret=Kd75W4OQfb2oJTV0vzGzeXftVAwgMnEK9MumzYcM&oauth_callback_confirmed=true