403 After submitting credentials on OAuth sign-in page

datwelk · 2012-09-13T19:07:40.000Z

As of this afternoon I’m getting a 403 HTTP error after submitting credentials on the OAuth sign-in page. I haven’t changed anything in my code which has been working fine until now.

The 403 happens during the procedure described here: https://dev.twitter.com/docs/auth/implementing-sign-twitter. As part of step 2 I show a webview which loads https://api.twitter.com/oauth/authenticate?oauth_token=<request token obtained in step 1> (the sign-in page). Then after submitting my account credentials on that page, I get this error: “403 Forbidden: The server understood the request, but is refusing to fulfill it.” This happens both when I enter wrong credentials and when I enter the correct credentials.

I really have no idea what’s going on here since I didn’t change anything. The error doesn’t show up in other apps. I also tried using different IP addresses, but no luck there either.

episod · 2012-09-13T19:10:40.000Z

Can you share the app ID or consumer key you’re using web this problem occurs? Thanks!

datwelk · 2012-09-13T19:11:59.000Z

Thanks for your reply. Consumer key: YpNzrB79n5TnNbgIeqIfcw.

janole · 2012-09-13T19:17:33.000Z

Hi Taylor,

I am getting the same error over here for “Gravity!”. Consumer key: YHvh158suQ0SV3NiYkU9Q.

Thanks for any help.

janole · 2012-09-13T19:28:06.000Z

Just a quick follow-up: is it possible that the Twitter OAuth login now requires cookies to work correctly? The browser I am using doesn’t support cookies …

datwelk · 2012-09-13T19:32:58.000Z

Yep, looks like it does. I previously had cookies disabled and it’s working now again after enabling cookies.

episod · 2012-09-13T19:33:46.000Z

Thanks for the details everyone, I’m working with our team on diagnosing and resolving this.

janole · 2012-09-13T19:42:44.000Z

For me it’s a bit more difficult as I cannot enable cookies

episod · 2012-09-13T20:46:59.000Z

Sorry for the difficulty with these endpoints – the problem should now be resolved.

Thanks,
@episod

janole · 2012-09-13T20:50:18.000Z

Yay, it’s working again for me.

Thanks a million for the quick fix, Taylor!!

alignminds1 · 2013-02-06T05:24:36.000Z

Hi,
i am getting a 403 status while working with update with media.consumerKey: ‘QyTkRg1Lp8QMVxwvtnAg’.
please give any suggestions

pramanathan1 · 2013-04-08T08:05:07.000Z

Hi guys,
now i am also getting the 403 Forbidden:The server understood the request, but is refusing to fulfill it.the previous week it’s working great in login credential page but today i got the above error. so i share my consumerKey:67KGBUuiTiGeIFQMSRGc6w.
please fix it this issue for me taylor…

janole · 2013-04-08T08:08:23.000Z

Same over here. We’ve had this before (I think a couple of months ago.)

If I remember correctly, it was related to the OAuth pages suddenly requiring cookies.

@episod fixed it quickly last time. Hope he can do it again

pramanathan1 · 2013-04-08T08:32:34.000Z

thanks for your reply janole. how episod fixed the above issue? any code including twitter+oauth sdk?if u know?

janole · 2013-04-08T08:43:51.000Z

I assume @episod sent an eMail to the “appropriate” people working on the OAuth website :-}

Hopefully it will be fixed soon. The browser I am using for authenticating via OAuth doesn’t support cookies :-/

pramanathan1 · 2013-04-08T10:02:59.000Z

so episod sent code to your email. i totally confused pls explain this issue why it occurs? and where? how u resolved this issue using episod code.please reply me.

pramanathan1 · 2013-04-08T12:41:49.000Z

mr.episod pls help me for the above issue how to solve that one?where was problem started and reason for that problem? it;s very urgent…

episod · 2013-04-08T14:59:18.000Z

Sorry for the issues, folks. We had an issue over the weekend that required a hotfix to oauth/authenticate. This hotfix ended up requiring cookies where they were previously non-required. We are working on a follow-on fix today that will resolve the underlying issue without requiring cookies for environments such as yours that do not support them. Thanks for your patience while we complete the fix.

sickp · 2013-04-08T22:13:34.000Z

Do you have an updated time estimate for this fix? No one has been able to sign in with our iOS apps for about 18 hours now.

SNCRConnectors · 2013-04-09T09:24:45.000Z

We also need urgent fix for this problem, can you please provide time estimate for when this will be fixed, thanks