API 1.1 PHP Inconsistent Authentication?


Hi! I think this problem may be somewhat related with this discussion: https://dev.twitter.com/discussions/10693

However I’m trying API 1.1 on (Cake)PHP.

I seem to authenticate just fine on ‘/1.1/account/verify_credentials.json’ while supplying my oauth_consumer_key, oauth_consumer_secret, oauth_token, and oauth_token_secret over ‘GET’ method.

Now when I try to call ‘/1.1/users/search.json’ and supplying the same oauth parameters and same ‘GET’ method, It returns with a message:
‘Could not authenticate you’ code 32.
I even tried ‘POST’ method and it’s still the same error.

I’ve been searching and trying out things to no avail. I’m hitting a wall with this already. What am I missing out?


In this case, it’s likely something around parameter encoding in your signature base string. Do you know how you’re building your signature base string when considering parameters like your “q” value in users/search?


Maybe it helps:
I faced a problem alike in Java. I used Apache URLEncoder to encode my parameters and all worked fine at API v1, but with v1.1 it hit a problem when * (star) character present in parameter values. I’m pretty sure that there are other character that could hit the issue. Spend a half of day to locate a problem.

And found following. When you calculate your base string you are to encode * to %2A. It could be confirmed with Twitter OAuth tool. In my case * was not encoded in POST body while was encoded at base string. API v1 worked with it, but v1.1 is not.

It seems tricky and special characters processing could vary between implementations of URL-encoding, especially in case what characters to encode. You could check RFC3986 for more details http://www.ietf.org/rfc/rfc3986.txt


Thanks @sergeykaliln – your post helped me!
I also use Java, but with the native java.net.URLEncoder. That has 2 & only 2 issues:

  • which you need to encode as %2A,
    and space, which gets encoded to +, but Twitter needs %20

E.g. use

String value;
String encoded = URLEncoder.encode(value, “UTF-8”)

Everything else (other ascii chars & unicode) works fine.


Please, help! What is wrong with my query?
{“errors”:[{“message”:“Could not authenticate you”,“code”:32}]}


Authorization: OAuth oauth_token=“66666-heh3K4vkiWWhTtRBi4WWMo9n5voca9ietxruq19I”, oauth_consumer_key=“3uFaWjfStmB0y6aWYvJl8j4ANcsaRW7cseWExWecrXU”, oauth_version=“1.0”, oauth_timestamp=“1371042751”, oauth_nonce=“8avAJJCS53JJsKjmROZhCR3XlBllRIQ4Wsacxftc”, oauth_signature_method=“HMAC-SHA1”, oauth_signature=“dzc%2BAr0G0HH4yquE%2F11vUALLX0Q%3D”


Take a look at [node:204] for tips on debugging OAuth problems.


I tried. but its not helped (


got the same problem


Please. I checked all of parameters - signature base string is true. used rawurlencode/decode for params. On v1 all worked early, but now v1.1 not worked. Help me.