401 Unauthorized: Failed to exchange tokens

patrickwebs · 2014-08-14 17:56:37 UTC

Hi - I’m working on a Ruby & Rails app which uses the “oauth” gem to connect with twitter. Everything works correctly for most twitter accounts, however we’ve noticed that for newly created twitter accounts, the oauth flow breaks when exchanging the oauth_verifier for an access_token. This is the response from twitter:

content-length: 25
content-type: text/html; charset=utf-8
date: Thu, 06 Jun 2013 19:51:47 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 06 Jun 2013 19:51:47 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7BzoPY3JlYXRlZF9hdGwrCHaGCxs%252FAToHaWQiJWNhZjU4ZjZiMzNmODIx%250ANWQ4MzE4YTAyMjRjOWUwMDVh–bef371b159707078655cc4b9b7447936ef097a43; domain=.twitter.com; path=/; HttpOnly, guest_id=v1%3A137054830743920770; Domain=.twitter.com; Path=/; Expires=Sat, 06-Jun-2015 19:51:47 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-mid: ec88e88aa580c48bc2d18bbe438ce6031728e179
x-runtime: 0.01115
x-transaction: b59dee50af6ed8e7
x-ua-compatible: IE=9,chrome=1
x-xss-protection: 1; mode=block
connection: close

Failed to exchange tokens

The interesting thing is that I can’t find any reference of the “Failed to exchange tokens” response anywhere. And again, this is only happening with brand new twitter accounts. If you create a new account and get this message and then try again immediately, it works fine.

AlexeyTester2 · 2014-08-15 04:27:13 UTC

I’m having the same problem. Were you able to resolve this?

SeaFuj · 2014-08-15 04:33:23 UTC

I can also confirm this happens for users on my site with newly created Twitter accounts.

natevolker · 2014-08-15 04:34:21 UTC

I’m getting the same response intermittently. Here’s one of the requests that caused the error:


POST /oauth/access_token HTTP/1.1
Host: api.twitter.com
User-Agent: [our app name]
Accept: */*
Authorization: OAuth oauth_consumer_key="[our_consumer_key]",oauth_nonce="26949299332b6abb406b4ce189b279ed",oauth_signature="H522TRoa2x1sP1Oq2%2BFkkEkPf0Q%3D",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1391071815",oauth_token="[the oauth token]",oauth_version="1.0"
Content-Length: 57
Content-Type: application/x-www-form-urlencoded
oauth_verifier=IS4cuEWRMeSOYvKyXfXK5jD2xtuF9Qj2gcHFHrZjGs

“401: Failed to exchange tokens” keeps showing up in our logs, but we can’t figure out how to reproduce it. We tried creating brand new twitter accounts as other replies here have suggested, but they seemed to work just fine.

drew_bratcher · 2014-08-15 04:37:00 UTC

We are experiencing this error for users who have not validated their email with twitter.

aroundyoga · 2014-08-15 04:42:48 UTC

Same issue here, I get it only after first try. After that it works fine.