sure. I’ve tried sending the ‘url’ parameter in the body and also in the query-string but both approaches produced the same result.
REQUEST 1:
POST https://api.twitter.com/1.1/account_activity/all/env-beta/webhooks.json HTTP/1.1
Authorization: OAuth XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Content-Type: application/x-www-form-urlencoded
Host: api.twitter.com
Content-Length: 71
Expect: 100-continue
Connection: Keep-Alive
url=https%3A%2F%2Ftest.example.com%2Ftwitter
RESPONSE 1:
HTTP/1.1 403 Forbidden
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: attachment; filename=json.json
content-length: 48
content-type: application/json; charset=utf-8
date: Tue, 15 May 2018 14:12:09 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 15 May 2018 14:12:09 GMT
pragma: no-cache
server: tsa_f
set-cookie: personalization_id=“v1_CnUDkrPTUhkPrNgm/dpLpg==”; Expires=Thu, 14 May 2020 14:12:09 GMT; Path=/; Domain=.twitter.com
set-cookie: guest_id=v1%3A152639352943974911; Expires=Thu, 14 May 2020 14:12:09 GMT; Path=/; Domain=.twitter.com
strict-transport-security: max-age=631138519
x-connection-hash: 238eba05a528a2406f5ed2a11c5e640b
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 173
x-tsa-request-body-time: 0
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
{“errors”:[{“code”:200,“message”:“Forbidden.”}]}
