Could not authenticate you, code 32


Please help me, what I’m doing wrong?

Endpoint: statuses/update.json

<?php date_default_timezone_set('UTC'); ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>endpoint: statuses/update</title>


$oauth_consumer_key = rawurlencode('CONSUMER_KEY'); //from
$oauth_nonce = rawurlencode(md5(time()));

$oauth_signature_method = rawurlencode('HMAC-SHA1');
$oauth_timestamp = rawurlencode(time());

echo '<p>UTC: '. date('H:i:s', time()).'</p>';

$oauth_token = rawurlencode('ACCESS_TOKEN'); //from
$oauth_version = rawurlencode('1.0');

$oauth_consumer_secret = rawurlencode('CONSUMER_SECRET'); //from
$oauth_token_secret = rawurlencode('ACCESS_TOKEN_SECRET'); //from

$http_method = 'POST';
$url = '';
$status = rawurlencode('helloworld');

//$parameter_str = 'include_entities=true&';
$parameter_str = 'oauth_consumer_key='.$oauth_consumer_key;
$parameter_str.= '&oauth_nonce='.$oauth_nonce;
$parameter_str.= '&oauth_signature_method='.$oauth_signature_method;
$parameter_str.= '&oauth_timestamp='.$oauth_timestamp;
$parameter_str.= '&oauth_token='.$oauth_token;
$parameter_str.= '&oauth_version='.$oauth_version;
$parameter_str.= '&status='.$status;

$base_str = $http_method;
$base_str.= '&';
$base_str.= rawurlencode($url);
$base_str.= '&';
$base_str.= rawurlencode($parameter_str);

$signing_key = $oauth_consumer_secret;
$signing_key.= '&';
$signing_key.= $oauth_token_secret;

$oauth_signature = rawurlencode(base64_encode(hash_hmac('sha1', $base_str, $signing_key, true)));

$header = 'Authorization: OAuth ';
$header.= 'oauth_consumer_key="'.$oauth_consumer_key;
$header.= '", oauth_nonce="'.$oauth_nonce;
$header.= '", oauth_signature="'.$oauth_signature;
$header.= '", oauth_signature_method="'.$oauth_signature_method;
$header.= '", oauth_timestamp="'.$oauth_timestamp;
$header.= '", oauth_token="'.$oauth_token;
$header.= '", oauth_version="'.$oauth_version.'"';

$header = array($header, 'Expect:', 'Content-Type: application/x-www-form-urlencoded');
$data = array('status'=>$status);

function send($url, $status, $header)
	$ch = curl_init();

	$f = fopen('request.txt', 'w');
	curl_setopt_array($ch, array(
	CURLOPT_URL            => $url,
	CURLOPT_POST           => 1,
	CURLOPT_HTTPHEADER     => $header,
	CURLOPT_VERBOSE        => 1,
	CURLOPT_STDERR         => $f));
	$response = curl_exec($ch);
	return $response;

echo '<p>response: ';
print_r(send($url, $status, $header));
echo '</p>';

echo '<p>Request / Response:</p>';
echo '<textarea name="textarea" id="textarea" cols="125" rows="34">';
include 'request.txt';
echo '</textarea>';


But I’m still getting the message: Could not authenticate you, code 32



From a first glance this looks close to being correct (though a bit inflexible should you want to use any other parameter than status).

Though it’s unrelated, you should be verifying SSL peers – you SSL usage is less secure without it.

Have you tried generating a similar request using the OAuth tool on this site, then working on your signature building algorithm until you can generate the same signature and authorization using the same values?


Ok, I’m verifying SSL peers now.

I’ve tried the Oauth tool, that’s the way I build this algorithm (other sources consulted:,,

I’ve double checked every line of code, obviously I’ve missed something…

Where do you start looking?

Thanks for your time.


First take a look at the signature base string you’re generating for this request – what does it look like? Is it missing any data?

I recommend following these tips to debug: [node:204]


This signature works with GET method + statuses/mentions_timeline endpoint.

I’m gonna check (again) your link. Thanks


Can’t figure out where my mistake is? I checked again but I can’t see where’s the error.
I really need this feature but I can’t use a whole library.

Please help me.


It may depend on what library you are using, but I turned off the ServiceHost call, and it worked. Others have found also that if they urlEncode the calls to Twitter, it starts working. Specifically for this error code. Also, try just escaping things like , " ? >< and so on if you have them in the url.


i can get same values,But error: Could not authenticate you, code 32.
If there might be a problem oauth_token?
Please help me


base sting:
String bss;
bss = “POST” + “&”
+ URLEncoder.encode(“”, “utf-8”) + “&”;
String bsss =“oauth_consumer_key=” + getTwAppid() +
"&oauth_nonce="+ set_nonce +
"&oauth_signature_method="+ “HMAC-SHA1” +
"&oauth_timestamp="+ oauth_timestamp +
"&oauth_token="+ “1669812324-tMJUZ0w5JTv2ZggLrx5pP10Dzd5oPJOTg9vwJHL” +
"&oauth_version=" + 1.0+
bsss = HttpUtil.encodeURIComponent(bsss);


params.put(“oauth_consumer_key”, getTwAppid());
params.put(“oauth_signature”, URLEncoder.encode(oauth_signature, “UTF-8”));
params.put(“oauth_token”, “1669812324-tMJUZ0w5JTv2ZggLrx5pP10Dzd5oPJOTg9vwJHL”);
params.put(“oauth_signature_method”, “HMAC-SHA1”);
params.put(“oauth_timestamp”, oauth_timestamp);
params.put(“oauth_consumer secret”, getTwAppkey());
params.put(“oauth_version”, “1.0”);


I’m not using any library.


ok iam hack i cant follow