Additional Owners Media Reuse Failing with "Unauthorized user" and Error Code 324

video
media-upload
api

#1

I am using the media/upload endpoint (chunked) to upload a video which includes the additional_owners parameter. In most cases, both the usage of the returned media_id on the original account and the “additional” ones work as expected. However, recently in certain cases the following has happened:

  • Chunked upload with additional_owners completes successfully and returns a media_id
  • Usage on the media_id on the original account generates a post successfully
  • Usage on subsequent “additional” accounts fails with the following error { code: 324, message: 'Unauthorized user' }. This usage occurs before the expiration of the media_id.

I cannot find any reference to permissions or restrictions on the ids which may be supplied to the additional_owners field, but I am wondering if I missed something, or if others have encountered this before, or if this is perhaps a bug, in which case I can provide more specific details for debugging purposes upon request.

The initial observation of this occurred when the initial uploader was a business account using paid advertisements and the subsequent usages were on personal non-advertising accounts. Perhaps the usage in advertisements is causing a problem with the reuse?


#2

Have you reviewed this post:

I believe that it may address this.


#3

Thank you very much for your response and suggestion.

I had not seen that post, but I don’t have access to the ads API, so that is why I wasn’t checking there. So I don’t think that’s it. If that is the most obvious suggestion, and that is not the case here, I’ll just go into full detail mode to try to clarify. Maybe I should have done that first, but I wasn’t sure if I was missing something small and silly.

The upload would look something like (using real ids for the user whose problem I am trying to debug) the following:

authenticated as user 79649961

curl
  -d '{
        "command": "INIT",
        "total_bytes": #,
        "media_type": "X",
        "media_category": "tweet_video",
        "additional_owners": "79649961,188991928,31064917"
      }'
  -H "Content-Type: application/json"
  -X POST http://upload.twitter.com/1.1/media/upload.json

with subsequent APPEND and FINALIZE calls being made successfully, and the media_id_string on the response being stored for posts to be made with all 3 users listed above.

Then 3 separate posts were all made (authenticated with each user respectively) as:

curl 
  -d '{
        "status": "X",
        "media_ids": "media_id_string",
        "include_entities": true,
      }'
  -H "Content-Type: application/json"
  -X POST https://api.twitter.com/1.1/statuses/update.json?tweet_mode=extended

The original authenticated user’s (79649961) post does post successfully, but the other two users (188991928, 31064917) do not work. The only reference to “business account” was a descriptive use case for the customer that I got from communication with the customer, not a difference in actual API calls. I didn’t know if it could somehow be relevant, so I mentioned it.

As I said before, when doing this in almost all other cases, using additional_owners (all user ids, no ads accounts) and generating multiple posts with the same included_entities does work, but there is something different in this case which I am not seeing I guess.

Thanks again for your help so far. I hope there is a good way to understand/resolve this particular situation.