Ads API 403 'Unauthorized Access"

restapi
oauth
api-access
api

#1

I am getting a response 403 'Unauthorized Access" when accessing this
endpoint. “https://ads-api.twitter.com/1/accounts/:account_id” with the
bearer access token. However I am able to retrieve data with this
endpoint
"https://api.twitter.com/1.1/statuses/user_timeline.json?count=100&screen_name=twitterapi"

headers = {'Authorization': 'Bearer <<bearer access token from application-only authentication>>'}
requests.get("https://ads-api.twitter.com/1/accounts/:account_id", headers=headers)

Guidance for UNAUTHORIZED_ACCESS issues
#2

Hi @_tonyzeng,

Could you send the exact request and response from twurl

Thanks


#3

I made a python request to get the bearer access token. Then I use the returned bearer token to call the ads-api endpoint.

import requests
headers = {'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8', 'Authorization': 'Basic <<base64 encoded bearer token credentials>>'}
body = {'grant_type': 'client_credentials'}
data = requests.post("https://api.twitter.com/oauth2/token", headers=headers, data=body)

#4

Please note that this is not an Ads API endpoint.

Finally, this forum post has additional information on why you could be seeing an UNAUTHORIZED_ACCESS error code.


#5

What do you need to pass beside the bearer access token to call the Ads API endpoint?


#6

You need the consumer_key and consumer_secret, which are associated with the app that has (or has not) been granted access to the Ads API, as well as the token and secret, which are user-specific credentials.


#8

I am currently using the application-only authentication method to retrieve the bearer access token. Does the Ads API not support this OAuth method? I am looking to pull analytics from the Ads API.


#9

The Ads API does not support application-only authentication. It requires user-context.


Relates to and is a possible duplicate of Application-only Authentication - Getting Response 408.


#10

This is a duplicate of the other post. I am using the request_oauthlib module to retrieve the access token now but I am running into an error where the client verifier is missing. What should I use the PIN for after the I authorize the app?

from requests_oauthlib import OAuth1Session
from requests_oauthlib import OAuth1
import requests

client_key = <<consumer_key>>
client_secret = <<consumer_secret>>
request_token_url = 'https://api.twitter.com/oauth/request_token'
oauth = OAuth1Session(client_key, client_secret=client_secret)
fetch_response = oauth.fetch_request_token(request_token_url)
#this returns the oauth token secret and oauth token and oauth callback confirmed as true

resource_owner_key = fetch_response.get('oauth_token_secret')
resource_owner_secret = fetch_response.get('oauth_owner_secret')
base_authorization_url = 'https://api.twitter.com/oauth/authorize'
authorization_url = oauth.authorization_url(base_authorization_url)
print 'Please go here and authorize,', authorization_url
# I authorize the app and get a pin

redirect_response = authorization_url
oauth_response = oauth.parse_authorization_response(redirect_response)
verifier = oauth_response.get('oauth_verifier')
#this returns the oauth token (same token as previous step) but it doesn't return a client verifier

access_token_url = 'https://api.twitter.com/oauth/access_token'
oauth = OAuth1Session(client_key,
                          client_secret=client_secret,
                          resource_owner_key=resource_owner_key,
                          resource_owner_secret=resource_owner_secret,
                          verifier=verifier)
oauth_tokens = oauth.fetch_access_token(access_token_url)
#gives a error no client verifier has been set. 


#11

I am able to retrieve the access token and pull from this ads-api endpoint “https://ads-api.twitter.com/1/accounts/”. However I am getting a “UNAUTHORIZED_ACCESS” message when calling a different endpoint (“https://ads-api.twitter.com/1/stats/accounts/<<account_ID>>?entity=CAMPAIGN&start_time=2016-02-01T15:00:00Z”)

Any idea on why I am getting this error.

oauth = OAuth1(client_key,
                   client_secret=client_secret,
                   resource_owner_key=resource_owner_key,
                   resource_owner_secret=resource_owner_secret)
protected_url = 'https://ads-api.twitter.com/1/stats/accounts/<<account_id>>?entity=CAMPAIGN&start_time=2016-02-01T15:00:00Z'
r = requests.get(url=protected_url, auth=oauth)
print json.dumps(json.loads(r.content), indent=4)

#12

Hi - any updates regarding this. I tried with this endpoint as well and get the same error.

'https://ads-api.twitter.com/1/stats/accounts/<<account_id>>?entity=CAMPAIGN&start_time=2017-06-01T17:00:00Z&end_time=2017-06-30T15:00:00Z&granularity=HOUR&metric_group=BILLING&placement=ALL_ON_TWITTER'

#13

Hey @_tonyzeng

Were you able to successfully call this endpoint using twurl ?

Thanks!


#14

@_tonyzeng: Similar to what we’ve stated in this post, please provide the full request and response to the GET accounts endpoint using twurl. You previously mentioned you were able to make a successful request to that endpoint.

After this, again using twurl, please provide the full request and response to the GET stats/accounts/:account_id endpoint.

We can try to further assist after we have this information.

As a reminder, please review our Guidelines for Reporting Issues.


#15

The OAuth authentication was working fine the URL for GET stats/accounts/:account_id was formatted incorrectly.