We seem to be experiencing some issue with our application lately (can’t tell exactly when this started) where the OAuth authorization succeeds (we retrieve an access_token) but using the access_token always yields 401 errors.
We are using the Ruby on Rails OAuth gem v0.3.6 to integrate Twitter authentication. Here’s our workflow :
We get an OAuth request token (through /oauth/request_token and the Ruby gem).
We redirect to the Twitter website so that our user can authorize us to use his Twtter account on his behalf (/oauth/authorize) and provide the request_token.
We get called back on our callback URL with the parameters “oauth_verifier” and “oauth_token”.
We perform a request to get the access token (again through the Ruby gem), which is properly returned along with the token secret.
Up to this point, everything looks great, however when we try to perform a request using the token, for example “/account/verify_credentials.json” or “/help/test.json”, we only get 401 errors returned.
Previously retrieved access token appear to work fine. In addition, our app appears in the app panel of the user settings on the Twitter website, so the authorization seems to be considered as fulfilled on your side.
I did some testing and found out that creating a test app on my personal twitter account and using its consumer key/secret to perform user authorization works with no change at all to our application code! Is there something wrong with our Twitter application/keys ?
Lastly, I should mention that we are still using the v1 endpoint at the moment.
Any ideas ?