Do statuses/user_timeline requests now absolutely require OAuth signature?


I’m doing some tidying of my existing timeline API caching for some sites I run, and I notice that switching versions for statuses/user_timeline is causing authentication issues and I can’t seem to find anything that clarifies “this now requires OAuth but it didn’t used to” so I’m hoping it’s a bug.

Given this current version URL:

I would hope that just changing the version to 1.1 would yield the same, or very similar return:

But I’m now being met with:

{“errors”:[{“message”:“Bad Authentication data”,“code”:215}]}

Is this a bug, or is there part of the documentation that I’ve overlooked? I really hope it’s a bug, because this change is going to cause loads of problems for me otherwise. Replacing with an embedded timeline isn’t really an option because these tweets need to be merged with other data and styled in a similar way to the rest of a site.


Yes, all API calls in API v1.1 require authentication. Right now that means OAuth 1.0A with a user-based access token but we’ll soon also have a form of app-only authentication that can be leveraged. In any case though, pure client-side usage via Javascript will not be a viable interaction point with the API.

[node:142] details the display requirements that embedded timelines make easy to realize.



I am facing the same problem and given exapmle on

is not working and i don’t understand where to use the OAuth code in GET request . so please it would be better if you guys can put a working example. because of this change i have to update almost 10 websites for clients.

please put a working example for PHP or give me a better reference

thank you in advance