Checking existing tokens



I am looking for a way to determine if my users’ tokens are 1) still valid and 2) what permissions they have, namely I want find out if I have write permission without actually sending a tweet on their behalf. I checked the API documentation and didn’t see anything on that?

  1. Everything requires auth so you can hit any REST API endpoint to validate a token is active. [GET account/verify_credentials][1] is also specifically intended for this.

We’re require applications to authenticate all of their requests with OAuth 1.0a or Application-only authentication. - [REST APIs][2]

  1. You can get the permission level for a specific token by making an authenticated API request and inspecting the X-Access-Level HTTP response header. It should have the values read, read-write, and read-write-directmessages.


Thank you!