I’m attempting to get my App-Only bearer token from the Twitter Oauth2 API. Depending on how I do it, I get either error 400 (Bad Request) or 503 (Service Temporarily Unavailable). I’m stumped.
Attempt 1 was via an HTTPS socket (in Xojo, if you must know); when that failed I dropped down to a raw SSL socket, so that I know exactly what I’m sending. I’m sending this (with the credentials ellided here):
POST /oauth2/token HTTP/1.1 Host: api.twitter.com User-Agent: My Twitter App v1.0.23 Authorization: Basic MUs1NGpvd (...stuff deleted...) MmpxeQ== Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Content-length: 29 Accept-Encoding: gzip grant_type=client_credentials
This request is modeled directly after the one in the docs. It produces a 400 (Bad Request) error code.
Then I decided to try curl (again, credentials ellided):
curl -i -d 'grant_type=client_credentials' -H 'Authorization: Basic MUs1NGpv (...blah blah...) mpxeQ==' -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' 'https://api.twitter.com/oauth2/token'
And this produces a 503 status code every time.
My credentials are just the Base64 version of my API key and secret, joined by a colon. The same key and secret work fine when tested with STTwitterDemoOSX. I’m almost (but not quite) desperate enough to use WireShark to see what that app is sending. But there must be something simple I’m doing wrong. Any ideas?