Callback URL not approved - but worked for months



This might be useful.

As I’ve understood it, it’s a very simple fix to whitelist a callback URL if you already have one set:

  1. Simply log in to with your Twitter developer account, select your app and click on the Settings tab.

  2. Scroll down the page and click on the checkbox to enable the setting “Enable Callback Locking (It is recommended to enable callback locking to ensure apps cannot overwrite the callback url)”

  3. Click on the Update Settings button

If done correctly, your settings will be updated as below on the Details tab:

My question is:

  • is the above correct? If so, how long should it take for the changes to take effect and for ‘Sign in with Twitter’ to start functioning as normal? Many thanks in advance.


Almost instant


Yep. Saw the message, updated our callback URLs AND people CAN log in with Twitter. HOWEVER, I’m still getting a bunch of error messages from Twitter saying the callback url is not approved.

Oh, and I CAN’T CHANGE THE CALLBACK URL properly. Our callback url is /index.aspx?sec=log&sub=exa&site=twitter. The callback url setting truncates the url at the first ampersand. How can I save the proper url? I’ve done it once with one of our sites, but I don’t know how…

Please help!!


Ahh, had to type it in the box like this:

Now we’ll see if we keep getting the errors.


Query params are unnecessary for callback URL whitelisting. On the app settings page you can set as the callback url and in your OAuth requests will work just fine.


Nope. Still getting the errors…


Hey. I just want to give everybody a heads up that we should read the documentation in order to understand what’s going on. So I decided to actually read the documentation and there it was. The solution was in the documentation.

On this URL there is a sentence that says: "This means that if the callback_url parameter used with the oauth/request_token endpoint isn’t whitelisted, you will receive an error."

So, what I did was, I added a link from my application to the list of “Callback URLs” in my Twitter Application Settings and it worked.

I’m using a npm module Passport.js and there is an option for Twitter Strategy called callbackURL. I have added that URL to the list of Callback URLs in my Twitter Application Settings and it worked immediately.

So now in my “Callback URLs” i have:

And everything is working properly now. I guess that next time we should actually read the documentation before waiting for a solution from someone else.


I’ve read the docs and I, like you, am using Passport.js with node. However I have added the callback url from my twitter strategy to my Twitter Application Settings and yet the problem is persisting. I have added a few versions of the url; I’ve changed the domain to be a localhost and the actual IP but nothing is working. Any ideas?


Change your callback url here :
Not in the new interface :wink:
Hope it helps


yep, this ^ did the trick!