How to get email from twitter user using OAuthTokens

alabama · 2015-05-11T10:27:31.892Z

Thx for YOUR patience and effort. Good job with integrating the user email request and the documentation for it!

jb_www · 2015-05-20T01:53:58.188Z

Hi, we have contacted the support desk to get our app whitelisted and they answered this: We do not provide technical support through this helpdesk. We suggest that you check out our API documentation for technical information.

However, Andy and the official Twitter documentation says to contact the helpdesk.

What should we do now? Thank you

andypiper · 2015-05-21T10:47:39.074Z

Which option did you use on the support forms?

I recommend using “I need access to special authentication privileges (e.g. xAuth)” on the platform support form page, and explaining in the detail text box that you want your app whitelisted for email access. We plan to improve the forms in the future to make it clearer which option to use for requesting this elevated privilege.

jb_www · 2015-05-21T12:00:50.740Z

Hello Andy, many thanks for your follow up message.

We did select xAuth in the form and mentioned the need for special authentication privileges for the app.

After the first reply from support, we replied back mentioning links to your answers in this tread along with links to the the official documentation about contacting the support desk for that specific matter.

The end of the story is that we received a new answer today from the support desk: We’ve enabled requesting email permissions for your app. which was an awesome news

Our recommendation to our fellow developers: provide all the official documents you can about your company (company registration, certificates, financial report) in your initial request (that’s what we did, it may have helped).

mdclaudiu · 2015-06-08T10:56:23.916Z

Hi,
I’m trying to get the email address on the signup process. I got the elevated permissions, but regardless of how I set the ‘include_email’ flag I do not get the email address. The testing twitter account has a valid and verified email address but the response has no email field.

Any help is much appreciated.

ojm37a · 2015-06-09T17:28:19.030Z

Congratulations. I’ve used both the xAuth and the “Elevated access to API” on the form and have gotten no reply (except the elevated API access responds with an auto-email saying to contact Twitter’s data sales team)…

sitecreatortest · 2015-06-11T05:38:57.559Z

Hi . My site was white listed and verify_credentials.json works when I don’t add the"include_email" parameter.When I do I get a 401:unauthorzied . I regenerated all my tokens and even used a new user yet I’m still getting the same error.I’m using https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true as the endpoint address .

atwatkins · 2015-06-11T20:48:52.284Z

First time posting, but I just couldn’t find this answer anywhere else and wasted some time figuring it out.

I’m using the twitteroauth.php library to run all my authentication off the server. My apps are all whitelisted (I found that if I responded to the xAuth rejection letter from my request, reminding the support team that I don’t care about xAuth, I just want to be whitelisted, it was done in a matter of about an hour.)

But I couldn’t get the email address to come back in the status of the get request in ‘verify_credentials’.

Here is what finally worked, and there is nothing in the code that would prepare you to do this:

//With the token credentials we build a new TwitterOAuth object to validate the credentials found in the database

$connection = new TwitterOAuth(CONST_TWITTER_CONSUMER_KEY, CONST_TWITTER_CONSUMER_SECRET, $oAuthToken, $oAuthSecret);

$status = $connection->get('account/verify_credentials', array('screen_name'=>$oAuthScreenName, 'include_email'=>'true'));

The secret is in the single quotes (double would work as well) around the boolean for include_email. That’s it. Ridiculous, but now working. If you leave the boolean as a boolean and not a string, the email request will be ignored.

ms3k · 2015-06-26T18:12:14.511Z

I’m also having a problem with getting the emails. The application is whitelisted and the scope in application settings is set to request emails. The permission when signing in also says that the user grant access to the email. However, no matter what I do, when using the users access tokens and passing include_email=true to verify_credentials I don’t get the email.

Weird thing is if I’m using the account that owns the application to sign in then I can get the email from verify_credentials. This doesn’t do me much good though since I already know my own email and need to grab it from the users. The response in verify_credentials works and I get the rest of the data, just not email. Anybody had any problems like this and managed to solve it?

Thanks in advance.

ajm · 2015-06-26T20:16:58.745Z

I see the same issue with missing emails, but only with a certain user. We’ve had email verification in production for a few months and haven’t had a problem, but that certain user account started failing last night and now returns no email field when verify_credentials is called.

If I call the REST API using credentials for other accounts (mine or other developers’, for example), the email field comes back as it should.

Question: Is it possible that certain accounts might not return this field? Could an account be “locked” in some way to prevent this data from coming back, or might there be some sort of rate limiting in play?

ojm37a · 2015-06-30T16:26:57.760Z

have gotten no reply (except the elevated API access responds with an auto-email saying to contact Twitter’s data sales team)…

Finally got a reply and they white-listed one of our apps! Not sure why they didn’t white-list the others.

benmcginnes · 2015-07-01T04:26:43.853Z

Sigh

To all of you confused as to why Twitter might not demand an email address and why they also provide external authentication methods: it is to appeal to that segment of the market which is diametrically opposed to pretty much every developer here. Those being people who value their privacy. I know, it’s shocking and terrible that they might not want to share their email addresses with every marketer and spambot trawling through social media, but you’ll just have to cope.

ojm37a · 2015-07-01T15:25:45.193Z

They seem to be on top of this now. I re-sent the requests for our other sites and was approved in just a few minutes. Only one of the sites is actually returning the email address so far…

–Owen

johnpet44 · 2015-07-02T07:16:35.043Z

how do i whitelist my twitter app(from https://apps.twitter.com)

johnpet44 · 2015-07-03T05:24:11.520Z

I have filled out the xAuth form by giving the details of my app in here https://support.twitter.com/forms/platform [I have added a youtube link for DEMO LINK and my app url in github for APPLICATION URL] and clicked on “submit” button.

Next,You will get 1st email from twitter(If you dont get an email from twitter,re-fill the form and send again) saying “Thanks for reaching out”.Then after a few hours youll get a 2nd email saying that url app is whitelisted.

Once they say that your App is whitelisted, update your App’s settings in Twitter Developer portal. Sign in to apps.twitter.com and:

On the ‘Settings’ tab, add a terms of service and privacy policy URL[which is must,try giving dummy url]
On the ‘Permissions’ tab, change your token’s scope to request email. This option will only been seen, once your App gets whitelisted.

Next,you may have to regenerate your access token in https://apps.twitter.com .And also use https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true in order to get the user’s email address! It worked for me

Ci_WebSummit · 2015-08-05T11:12:43.612Z

Hi Andy,

Which part of the support form covers web login queries? We wish to collect emails from a sign-up with twitter button on our website and need to whitelist an application to do this.

Thanks,
Eamonn

andypiper · 2015-08-05T11:30:47.234Z

It is a little confusing at the moment as we haven’t been able to update the forms for this. Sorry about that!

As @johnpet44 says above, use the “I need special permissions -> xAuth” option for now. Then explain in the form that you would like email access on OAuth, and make sure you include your app consumer key so that the team knows which app they are whitelisting for that feature.

Ci_WebSummit · 2015-08-05T12:47:02.957Z

Hi Andy,

I’ve submitted that through the XAuth option. Thanks for the swift reply,
Eamonn

demoandroid · 2015-08-06T05:46:11.913Z

Hello sir,
how can i get my app whitelisted, while my app is not live or not on Github (as your answer), in this situation how can i get “Application ID” and “Application URL” …?

emalware · 2015-08-15T22:45:09.170Z

How can I provide the enable_email using TwitterAuthenticationOptions? i dont see the option

var tw = new TwitterAuthenticationOptions {
ConsumerKey = “SecretKey”,
ConsumerSecret = “SecretSecret”,
SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
Provider = new TwitterAuthenticationProvider() {
OnAuthenticated = (context) => {
context.Identity.AddClaim(new System.Security.Claims.Claim(“urn:twitter:access_token”, context.AccessToken, XmlSchemaString, “Twitter”));
return Task.FromResult(0);
}
}

};

app.UseTwitterAuthentication(tw);