I am trying to run a small bash script I had working some months ago that uses twurl and I am getting this error:
{"errors":[{"code":89,"message":"Invalid or expired token."}]}
After some testing and playing around, I eventually deleted my app entirely and created a new one (rather than just regenerating tokens as I had been). Now with a fresh app with fresh tokens, I attempt to authorize,
> twurl authorize --consumer-key $CONSUMER_KEY --consumer-secret $CONSUMER_SECRET
Go to https://api.twitter.com/oauth/authorize?oauth_consumer_key.......
and paste in the supplied PIN
> XXXXXXX
Authorization successful
> twurl /1.1/statuses/home_timeline.json
{"errors":[{"code":89,"message":"Invalid or expired token."}]}
I wasn’t sure if there was an issue with twurl, so I wrote my script over in Typescript.
import TwitterApi from 'twitter-api-v2';
const CONSUMER_KEY = process.env.CONSUMER_KEY ?? '';
const CONSUMER_SECRET = process.env.CONSUMER_SECRET ?? '';
const twitterClient = new TwitterApi({appKey: CONSUMER_KEY, appSecret: CONSUMER_SECRET, }).readOnly;
console.log(twitterClient.get('statuses/user_timeline', {screen_name: '@twitterapi'}));
Error:
throw new Error('Invalid consumer tokens');
Has something changed with authentication recently?
Edit:
Attempting to CURL with bearer token
curl --request GET 'https://api.twitter.com/2/tweets/search/recent?query=from:twitterdev' --header 'Authorization: Bearer $BEARER_TOKEN'
Error:
{
"title": "Unauthorized",
"type": "about:blank",
"status": 401,
"detail": "Unauthorized"
}
For v1.1 Endpoints, do you definitely have Elevated Access to v1.1 API? maybe when creating a new app, something switched?
Same for the curl one - if calling the v2 API, is the app added to a Project on the dashboard?
Only thing i could think of - otherwise it’s some anti spam thing or something?
Making sure I have this correct, here is this demo app I am working with as I see it.
Now at the next screen I have not enabled User authentication settings, though I was thinking I don’t need this. I am not looking to have other users sign in to my app, I am just trying to run a small script authenticated as myself, so I would not have a callback URL for example.
edit:
For the sake of testing, I enabled READ on oauth 1.0
But still, the same issues
