The forbidden error (error 200) will deliver if you haven’t set up access via the developer portal or have formed your request URL incorrectly (double check your environment name).
If it is bad authentication (error 32) before it hits the webhook, then you should check to make sure that you have done the following:
- you are using the proper auth keys that you pulled from the Twitter app that is designated as your AAAPI dev environment. Since this endpoint requires user auth, you will need to use both your consumer keys and access tokens.
- you have properly generated the
oauth nonce, oauth_signature, and oauth_timestamp for your request.
If you have properly set up your Twitter app, then chances are that you aren’t handling number two properly. If so, please consider using an oauth library (example), one of our github repositories (account-activity-dashboard or twitter-webhook-boilerplate-node), or try using Twurl.
