403 After submitting credentials on OAuth sign-in page


#1

As of this afternoon I’m getting a 403 HTTP error after submitting credentials on the OAuth sign-in page. I haven’t changed anything in my code which has been working fine until now.

The 403 happens during the procedure described here: https://dev.twitter.com/docs/auth/implementing-sign-twitter. As part of step 2 I show a webview which loads https://api.twitter.com/oauth/authenticate?oauth_token=<request token obtained in step 1> (the sign-in page). Then after submitting my account credentials on that page, I get this error: “403 Forbidden: The server understood the request, but is refusing to fulfill it.” This happens both when I enter wrong credentials and when I enter the correct credentials.

I really have no idea what’s going on here since I didn’t change anything. The error doesn’t show up in other apps. I also tried using different IP addresses, but no luck there either.


#2

Can you share the app ID or consumer key you’re using web this problem occurs? Thanks!


#3

Thanks for your reply. Consumer key: YpNzrB79n5TnNbgIeqIfcw.


#4

Hi Taylor,

I am getting the same error over here for “Gravity!”. Consumer key: YHvh158suQ0SV3NiYkU9Q.

Thanks for any help.


#5

Just a quick follow-up: is it possible that the Twitter OAuth login now requires cookies to work correctly? The browser I am using doesn’t support cookies …


#6

Yep, looks like it does. I previously had cookies disabled and it’s working now again after enabling cookies.


#7

Thanks for the details everyone, I’m working with our team on diagnosing and resolving this.


#8

For me it’s a bit more difficult as I cannot enable cookies :frowning:


#9

Sorry for the difficulty with these endpoints – the problem should now be resolved.

Thanks,
@episod


#10

Yay, it’s working again for me.

Thanks a million for the quick fix, Taylor!! :slight_smile:


#11

Hi,
i am getting a 403 status while working with update with media.consumerKey: ‘QyTkRg1Lp8QMVxwvtnAg’.
please give any suggestions


#12

Hi guys,
now i am also getting the 403 Forbidden:The server understood the request, but is refusing to fulfill it.the previous week it’s working great in login credential page but today i got the above error. so i share my consumerKey:67KGBUuiTiGeIFQMSRGc6w.
please fix it this issue for me taylor…


#13

Same over here. We’ve had this before (I think a couple of months ago.)

If I remember correctly, it was related to the OAuth pages suddenly requiring cookies.

@episod fixed it quickly last time. Hope he can do it again :wink:


#14

thanks for your reply janole. how episod fixed the above issue? any code including twitter+oauth sdk?if u know?


#15

I assume @episod sent an eMail to the “appropriate” people working on the OAuth website :-}

Hopefully it will be fixed soon. The browser I am using for authenticating via OAuth doesn’t support cookies :-/


#16

so episod sent code to your email. i totally confused pls explain this issue why it occurs? and where? how u resolved this issue using episod code.please reply me.


#17

mr.episod pls help me for the above issue how to solve that one?where was problem started and reason for that problem? it;s very urgent…


#18

Sorry for the issues, folks. We had an issue over the weekend that required a hotfix to oauth/authenticate. This hotfix ended up requiring cookies where they were previously non-required. We are working on a follow-on fix today that will resolve the underlying issue without requiring cookies for environments such as yours that do not support them. Thanks for your patience while we complete the fix.


#19

Do you have an updated time estimate for this fix? No one has been able to sign in with our iOS apps for about 18 hours now.


#20

We also need urgent fix for this problem, can you please provide time estimate for when this will be fixed, thanks