Our application (8560361) was authorized to access Ads API, but I am still having an issue accessing ad accounts using the following cURL command:
curl --get ‘https://ads-api.twitter.com/0/accounts’ --header ‘Authorization: OAuth oauth_consumer_key=“REMOVED”, oauth_nonce=“REMOVED”, oauth_signature=“REMOVED”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1441301140”, oauth_token=“REMOVED”, oauth_version=“1.0”’ --verbose
- STATE: INIT => CONNECT handle 0x600060e10; line 1028 (connection #-5000)
- Hostname was NOT found in DNS cache
- Trying 199.59.149.243…
- STATE: CONNECT => WAITCONNECT handle 0x600060e10; line 1076 (connection #0)
- Connected to ads-api.twitter.com (199.59.149.243) port 443 (#0)
- successfully set certificate verify locations:
- CAfile: /usr/ssl/certs/ca-bundle.crt
CApath: none
- SSLv3, TLS handshake, Client hello (1):
- STATE: WAITCONNECT => PROTOCONNECT handle 0x600060e10; line 1189 (connection #0)
- SSLv3, TLS handshake, Server hello (2):
- SSLv3, TLS handshake, CERT (11):
- SSLv3, TLS handshake, Server key exchange (12):
- SSLv3, TLS handshake, Server finished (14):
- SSLv3, TLS handshake, Client key exchange (16):
- SSLv3, TLS change cipher, Client hello (1):
- SSLv3, TLS handshake, Finished (20):
- SSLv3, TLS change cipher, Client hello (1):
- SSLv3, TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
- Server certificate:
-
subject: C=US; ST=CA; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=*.twitter.com
-
start date: 2014-12-12 00:00:00 GMT
-
expire date: 2015-12-31 12:00:00 GMT
-
subjectAltName: ads-api.twitter.com matched
-
issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert High Assurance CA-3
-
SSL certificate verify ok.
- STATE: PROTOCONNECT => DO handle 0x600060e10; line 1208 (connection #0)
GET /0/accounts HTTP/1.1
User-Agent: curl/7.37.0
Host: ads-api.twitter.com
Accept: /
Authorization: OAuth oauth_consumer_key=“REMOVED”, oauth_nonce=“REMOVED”, oauth_signature=“REMOVED”, oauth_signature_method=“HMAC-SH
A1”, oauth_timestamp=“1441301140”, oauth_token=“REMOVED”, oauth_version=“1.0”
- STATE: DO => DO_DONE handle 0x600060e10; line 1281 (connection #0)
- STATE: DO_DONE => WAITPERFORM handle 0x600060e10; line 1407 (connection #0)
- STATE: WAITPERFORM => PERFORM handle 0x600060e10; line 1420 (connection #0)
- HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 403 Forbidden
< content-disposition: attachment; filename=json.json
< content-length: 167
< content-type: application/json;charset=utf-8
< date: Thu, 03 Sep 2015 17:25:52 GMT
- Server tsa_a is not blacklisted
< server: tsa_a
< set-cookie: guest_id=v1%3A144130115295638818; Domain=.twitter.com; Path=/; Expires=Sat, 02-Sep-2017 17:25:52 UTC
< strict-transport-security: max-age=631138519
< x-access-level: read
< x-connection-hash: 5c6e121cdc23bc82c1054abc892c8522
< x-content-type-options: nosniff
< x-frame-options: SAMEORIGIN
< x-rate-limit-limit: 2000
< x-rate-limit-remaining: 1999
< x-rate-limit-reset: 1441302052
< x-response-time: 11
< x-runtime: 0.001473
< x-transaction: 4b4865ee632be121
< x-xss-protection: 1; mode=block
<
- STATE: PERFORM => DONE handle 0x600060e10; line 1590 (connection #0)
- Connection #0 to host ads-api.twitter.com left intact
- Expire cleared
{“errors”:[{“code”:“UNAUTHORIZED_CLIENT_APPLICATION”,“message”:“The client application making this request does not have access to this API”}],“request”:{“params”:{}}}
