Error message - This request looks like it might be automated. To protect our users from spam and other malicious activity, we can't complete this action right now. Please try again later



Hi, I am creating a Twitter BOT for my client(a big Utility company in USA). My BOT will receive direct message from customers and reply them back with outage status. This will require my BOT to send out more than 1000 direct messages per day.
Currently I am facing an error from my BOT which reads “This request looks like it might be automated. To protect our users from spam and other malicious activity, we can’t complete this action right now. Please try again later.
As my client will use Twitter for helping its customer to report outage, I was wondering if my objective could be accomplished.
Please suggest and help.


This is (potentially) OK, we’ve recently provided details on adaptive limits for this kind of scenario.

If you’re seeing that message, it could be related to eg. links or other content being shared in the Direct Messages.


Hi Andy,

Thanks a lot for your response. I am just listing down my understanding from the post that you shared.

  1. My twitter bot can send up to 5 direct messages for each message that it receives from the user. For every messages the 24 hour window will get reset.

Now my concern is:

  1. Is there any daily limit on the number of direct messages that my BOT can send to users ? For example, during winter storm, more than 50k customers face outage and my BOT would require to send out direct messages to customers for sharing the status of outage in their area. So even though my BOT will send hardly 2 direct messages per customer, yet it would go upto like 100k direct messages a day. Can that be achievable with current Twitter direct message policy?

  2. Does my client need to pay anything for using the Twitter service with the BOT?

  3. Will my client get any special advantage if they convert their Twitter handle to a verified one?




This is difficult to respond to. Are you able to provide concrete examples of when the adaptive algorithm we have described would not work for your use case?


Hi Andy,

Sorry for confusion. I was just trying to understand the meaning of the adaptive algorithm. I will just ask one query at a time.

In my case, my BOT will be able to respond to any new message with 5 new DMs, and this will get reset if any new DM comes from customer. Is my understanding correct?

Also, as I mentioned earlier, I will be creating the BOT for my Utility provider client. They have got many customers(more than 100k). In that case, if I get 50k(say) messages in my inbox. Shall I be able to reply them all with my BOT?(In that case my BOT will require to send 50k DMs per customer)




That’s correct, the 5 DM limit applies individually to each conversation, so this should not be an issue as far as I understand it.


Thanks Andy for the confirmation.

Also, could you please confirm if my client need to pay anything for using the Direct message service of Twitter.

And, if my client wants to use verified account on Twitter, is there any advantages for verified account?


Digwijoy Mandal


There’s no charge to use the Direct Message API for sending messages. If an app needs premium or enterprise access to the Account Activity real-time delivery API for the receipt of messages then there would be a cost. You can use the REST API endpoints to receive Direct Messages without the Account Activity API webhooks if you prefer.

You’re free to use a verified account to access the developer platform. As always we would encourage you and your clients to use two-factor authentication and to protect your authentication data (that is true for all accounts, not just verified accounts).


Hi Andy,

My BOT will need access to the direct message inbox in real time. The BOT will read the direct messages and provide reply to customers in real time. I guess that cannot be achieved in REST API endpoints.

Below is the piece of code that I wrote in Python:

stream =, domain=‘’)
for msg in stream.user():
if ‘direct_message’ in msg:
sd = str(‘sender_id’)
text1 = (msg[‘direct_message’][‘text’])

This gets direct messages while streaming. And I suppose this is using account activity API.

When I use the same for my client to get messages, do my client need to pay for that?




This is not using the Account Activity API, this is using the deprecated User Streams API that will be removed in the future. You should apply for access to the Account Activity API for Direct Messages by following the instructions here.

If you expect to have more than 35 user subscriptions, then in the future, there will be a premium option with payment requirements for the Account Activity API. This is not currently available, but you may develop against the standard (free) Account Activity API today.

There is an example Python app that uses the Account Activity API here.


I also want to emphasise that the original topic of this thread (this request looks like it might be automated…) is usually caused by sending unsafe URLs or content otherwise detected by our systems as spammy. Paying for access to the Account Activity API will not prevent this message from occuring in your application error log. All applications are subject to our Developer Policy and Automation Rules.

Thank you.


Thanks a lot Andy for the responses. I guess I have got the information required for going ahead.
Thanks again.