Get friend list with Tweeter privacy enabled


We have a problem with get friend list when user have enabled the “Tweeter Privacy”(Protect my Tweets) option. If it disabled - then it works fine.

Here is what we are doing:
If we have iOS version = 4, then first we request OAuth Request Token ( using the data of the application.

Then get token and open in browser, where %@ is the OAuth Request Token that we get. In browser user confirm access to the application (if need he enter login/password). Then browser redirect user back to application and we get token and oauth_verifier. And with using things that we get we request OAuth Access Token ( and receive oauth_token, oauth_token_secret and id and screen_name of the user

If we have iOS5 then we are using Reverse Auth to get the OAuth Access Token and we have same information as described above.

And we are requesting contacts:
curl --get ‘’ --data ‘cursor=-1&user_id=some_id’ --header 'Authorization: OAuth oauth_consumer_key=“our_key”, oauth_nonce=“35489E0D58024F7A9B7CDEFC1A491CCA”, oauth_signature=“JizdK129S87WlLvjfL7cQlmN4uI%3D”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1346584920”, oauth_token=“some_token”, oauth_version=“1.0”'
Everything as per request generated in twitter, but it does not work. Here is the answer:

{“error”:“Not authorized”,“request”:"/1/friends/ids.json?cursor=-1&user_id=some_id"}

Please advise.


Is the access token that is used in your request the one being used to request the endpoint? Can you use that same access token on account/verify_credentials?