Access media shared in direct messages



Applications with direct message read permissions can retrieve information necessary to securely display images included in Direct Messages using the REST API and OAuth 1.0A. Similarly to tweets with media, direct message images are represented as media entities and image variants are available by appending suffixes to the media URL.

Unlike media shared in Tweets, media shared in direct messages requires authorization to view. This authorization can be presented via an authenticated session or by signing a request with the user’s access token using OAuth 1.0A.

Note that it’s currently not possible to attach media to direct messages with POST direct_messages/new.


@vincentisambart what should be use to post server image with tweet ?


I can send the direct message with image in form data, but the image will not be displayed in the message. Any idea how long it takes to be able to send image with photo in direct message?


I’m trying to request DM photo data with a signed / authorized request (doing the same XHR with Authentication header that I do for GET API calls but against the image URL), and it always comes back with a 403. Is there another way the request is supposed to be authorized?


Ah never mind, got it to work using the old-school URL parameter based signature instead of header-based auth. Well, at least that saves me having to XHR + blob URL it.


We are still seeing elevated numbers of 403 errors when requesting DM photos with a signed/authorized request.

I managed to get a signed request working in the browser (i can email you the full url with our tokens/keys, etc).

5 minutes ago it was working for me and I could repeatedly re-load the image. However, now I simply receive a “Your credentials do not allow access to this resource” error when trying to view in the browser.

Its strange because sometime it works totally fine, but the vast majority of the times since late last week we’ve been getting the same ‘not authorized’ error.

Would really appreciate any help on this. Happy to send you more information.


This appears to no longer be working. I’m now getting 403s with freshly signed versions of the same URL. Very annoying…


I am also seeing similar issues with the signed request for a DM photo. Sometimes it works and sometimes it does not.


Hi guys, its been over a week without a single response from anyone on the team acknowledging this error. Any sort of response would be greatly appreciated.

Are you aware that this standard function of the API is now broken which was previously working fine for months?


Same problem: accessing DM media returns code 403.