400 "{"errors":[{"message":"Bad Authentication data","code":215}]}


#1

We are currently receiving 400 errors when interacting with the API for previously working requests to verify_credentials.json. The following is the payload: "{“errors”:[{“message”:“Bad Authentication data”,“code”:215}]}

This is part of our new user signup workflow so basically new users are unable to signup.


#2

Can you share a user ID this is happening with and any other information about the request? (The HTTP headers you’re sending, the exact URL you’re executing, and so on?) Thanks!


#3

Here’s one for my user: 14402132

GET /1/account/verify_credentials.json HTTP/1.1
Authorization: OAuth realm="", oauth_token=“11300502-mR37JPiUPfgLifLOI3Lj2iv61DQ8DZEq0y0MDMUM”, oauth_consumer_key="", oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1353519448”, oauth_nonce=“11120750151629684”, oauth_version=“1.0”, oauth_signature="vd9lb%2FQMAJSs%2BLc1O4rxBIh11Pg%3D"
User-Agent: Jakarta Commons-HttpClient/3.1
Host: api.twitter.com

HTTP/1.1 400 Bad Request
Content-Type: application/json; charset=utf-8
Content-Length: 61
Date: Wed, 21 Nov 2012 17:37:28 UTC
Server: tfe

{“errors”:[{“message”:“Bad Authentication data”,“code”:215}]}


#4

Thanks, I’m looking into this issue.


#5

Thank you.


#6

Are you actually sending an empty oauth_consumer_key in this case or did you just omit it for the example?


#7

I omitted.


#8

I am encountering the same issue. I’m seeing it pop up in several threads over the last few days, so it must be a bug recently introduced. Any resolution yet?


#9

I am having the same problem.

I have a working test bed where:

get(“lists/statuses”) works perfectly fine.

if i just swap it to get(“statuses/home_timeline”) I get the above response.

Am I doing something wrong or is this a bug?


#10

Did anybody resolve this issue?


#11

For what it’s worth, here’s what we sent received. It’s been working fine for like years until just a few days ago:

20:47:08,665 [http-4321-2] DEBUG Request:
20:47:08,665 [http-4321-2] DEBUG GET http://api.twitter.com/1/statuses/home_timeline.json?include_entities=false
20:47:08,673 [http-4321-2] DEBUG OAuth base string: GET&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.json&include_entities%3Dfalse%26oauth_consum
er_key%3D%26oauth_nonce%3D911738141%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1353635228%26oauth_token%3D136054363-TlI9LsJFSTvDY5GXwXaOVHbfVeseYY
OVnRUS5hE%26oauth_version%3D1.0
20:47:08,675 [http-4321-2] DEBUG OAuth signature: Ke68GcXdObN3dkapvecPH1A8u5w=
20:47:08,678 [http-4321-2] DEBUG Authorization: ****************************************************************************************************************


20:47:08,679 [http-4321-2] DEBUG X-Twitter-Client-URL: http://twitter4j.org/en/twitter4j-2.1.11.xml
20:47:08,679 [http-4321-2] DEBUG X-Twitter-Client: Twitter4J
20:47:08,679 [http-4321-2] DEBUG Accept-Encoding: gzip
20:47:08,680 [http-4321-2] DEBUG User-Agent: twitter4j http://twitter4j.org/ /2.1.11
20:47:08,680 [http-4321-2] DEBUG X-Twitter-Client-Version: 2.1.11
20:47:08,912 [http-4321-2] DEBUG Response:
20:47:08,913 [http-4321-2] DEBUG HTTP/1.1 400 Bad Request
20:47:08,914 [http-4321-2] DEBUG Date: Fri, 23 Nov 2012 01:47:24 UTC
20:47:08,915 [http-4321-2] DEBUG Content-Length: 86
20:47:08,915 [http-4321-2] DEBUG Content-Encoding: gzip
20:47:08,916 [http-4321-2] DEBUG Content-Type: application/json; charset=utf-8
20:47:08,917 [http-4321-2] DEBUG Server: tfe
20:47:08,919 [http-4321-2] DEBUG {“errors”:[{“message”:“Bad Authentication data”,“code”:215}]}


#12

Not for me, still not working here. Any status?


#13

Any resolution on this? I am still seeing this error on “verify_credentials” call. Please update the thread if anybody is able to resolve this issue.


#14

I have the same issue while I am trying to upload a picture to https://api.twitter.com/1.1/statuses/update_with_media.json:

OAUTH 1.0: Base string: POST&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fupdate_with_media.json&oauth_consumer_key%3DpgdxowbuLIgB93xD5qw84g%26oauth_nonce%3D2335383970711083%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1354007164%26oauth_token%3D56183112-cbXnWNKdVuKK9fXBiuxojwehNeK75cmrPZtaaKeYa%252CpTOvVy4CsKXs6wMOI8a8mGVVfjfQrRPyzmoHjg%26oauth_version%3D1.0. OAUTH 1.0 (request): Using cosumer key: pgdxowbuLIgB93xD5qw84g, consumer secret: [[[OMITTED]]], token secret: [[[OMITTED]]]. HEADERS (request): Sending Content-Type (multipart/form-data; boundary=---------------------------7dc1251e10222). HEADERS (request): Sending Connection (close). HEADERS (request): Sending Accept-Language (en-US). HEADERS (request): Sending Accept (text/html, application/xhtml+xml, */*). HEADERS (request): Sending User-Agent (Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)). HEADERS (request): Sending Dnt (1). HEADERS (request): Sending Authorization (OAuth oauth_consumer_key="pgdxowbuLIgB93xD5qw84g", oauth_nonce="2335383970711083", oauth_signature="LpGAOVa%2BpEwWieeGqS4oxy%2FL91c%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1354007164", oauth_token="56183112-cbXnWNKdVuKK9fXBiuxojwehNeK75cmrPZtaaKeYa%2CpTOvVy4CsKXs6wMOI8a8mGVVfjfQrRPyzmoHjg", oauth_version="1.0").

#15

Thanks for nothing. Workaround applied at our end. Let us know if you ever do get around to this :frowning:


#16

Can you share your workaround?
Thanks.


#17

We’re seeing the same problem, with our app. Any advice on how to work it around?


#18

@dbounds did you solve the problem?


#19

Yes Please give us a hint on how to work around the issue.

Thanks in advance.


#20

Should the oauth_consumer_key be included? The Zend lib that I’m using omits it.