How to register a webhook url in Twitter?

Ricardo · 2017-04-27T19:15:10.609Z

Hi Jon!

Yes, my consumer key ends with WL9, but I tried to register the webhook right now and got the same message.

DanielCHood · 2017-04-27T19:50:02.196Z

Is the body of your request a properly json encoded string?

Ricardo · 2017-04-27T20:43:38.146Z

I’m sending something like this:
{“url”:“https%3A%2F%2Fwww.example.com%2Fautomation%2Ftwitter%2Fendpoint.php”}

joncipriano · 2017-04-27T20:57:49.421Z

Hey @Ricardo, your app may be experiencing another issue unrelated to this endpoint.

Have you reached out through https://support.twitter.com/forms/platform as mentioned in the error message? You might have also received an email on the account associated with the app. Check your spam folder just in case.

Ricardo · 2017-04-29T02:15:01.819Z

They said that my app is suspended, but I really didn’t understand why it’s suspended if I couldn’t even register the webhook after my account linking’s approval.

SteveJonesGtr · 2017-05-02T16:11:22.204Z

I am getting the same issue as @mergenearellano:

Application cannot perform write actions. Contact Twitter Platform Operations

Everything is set up correctly and I have received the email saying my app was granted access to this beta. I looked at the support link but it looks pretty generic and I couldn’t find an option that really addressed the problem. Can I DM someone to get this sorted? Company name would be Tuunio.

joncipriano · 2017-05-02T22:12:36.429Z

Updating this thread with the findings of the investigation with @Ricardo. Thanks for your help in narrowing this down!

Providing user access tokens with OAuth1.0a appears to work around this issue. Developers will need to use OAuth1.0a eventually to send Direct Messages on behalf of a user, anyway.

We’ll continue to investigate the app-only OAuth2 issue.

For internal tracking: CUST-4222

SteveJonesGtr · 2017-05-03T16:41:04.749Z

When I try to use a user access token with OAuth 1.0a, I get this error:

{
  "errors": [
    {
      "code": 214,
      "message": "Webhook URL does not meet the requirements. Please consult: https://dev.twitter.com/webhooks/securing"
    }
  ]
}

Just can’t get past this stage, I’m afraid.

The docs say that a “detailed error message” will be given, but this is about as generic as it gets. I have no idea why the Webhook URL is failing, and there’s nothing in the error to help narrow it down.

I’ve read the securing docs and followed every step in detail, but it’s just not working for me.

I’m worried about repeatedly trying this as the app is in production. Wonder if I can migrate my beta access to a different app ID - any Twitter devs that can advise on that?

joncipriano · 2017-05-03T17:56:18.722Z

@SteveJonesGtr, the error could be from one of the following:

Invalid CRC token or response format. I’ll be discussing this in this thread.
High latency on CRC GET request. You’re webhook should respond in less than 1 second.
Non-200 response code to CRC GET request (i.e. 404, 500, etc).

And, yes, the error message could be better. We’ll provide this as beta feedback.

We can enable a development app. Fill out another request with this form and mention that your production app was already approved. The submissions are reviewed every couple of days.

SteveJonesGtr · 2017-05-03T19:33:15.611Z

@joncipriano - thanks for the quick reply and the detailed information - which would be useful in the documentation. I’ve filed the request for the staging version of the app.

My response is the right format, and there is definitely a 200 response. So the only thing that could be failing is the latency - I’m using ngrok as a tunnel to localhost, which seems pretty slow. I’m seeing 370ms on our staging server, so that should eliminate that.

Where is the latency measured from? ie. where are your servers? I’m based in London, and so are my servers, so it might be a bit of a penalty in terms of latency if they are being pinged from California!

joncipriano · 2017-05-03T20:51:53.261Z

@SteveJonesGtr, yeap, it’s probably your ngrock tunnel. My teammate had a similar issue running a tunnel to his localhost. I don’t think location is going to be huge factor as we have developers up and running with webhooks in India, Middle East and Asia. Unfortunately, I’m not going to have an easy solution for tunnels. It’s a use case we have to discuss here. If you do find a fast tunneling service, please ping us.

As for a complicated solution you can do the following: Deploy a webapp that proxies requests to your ngrock tunnel. The webapp can handle the CRC GET request itself without proxying to your localhost. For POST requests the webapp should immediately respond with a 200 and then relay the request to your ngrock tunnel. You can achieve something similar with an AWS API Gateway and Lambda.

alans · 2017-05-04T02:06:11.503Z

I am getting the same “Application cannot perform write actions.” message when trying to register a webhook with POST.

I’m using the application-only bearer token and using GET works on the same endpoint. We got the email saying we had been granted access to the beta API and the app has the read and write setting enabled.

SteveJonesGtr · 2017-05-04T10:07:04.617Z

@alans - It works if you use a user access token instead of application OAuth2 authentication. See this post by @joncipriano:

joncipriano:

Updating this thread with the findings of the investigation with @Ricardo. Thanks for your help in narrowing this down! Providing user access tokens with OAuth1.0a appears to work around this issue. Developers will need to use OAuth1.0a eventually to send Direct Messages on behalf of a user, anyway. We’ll continue to investigate the app-only OAuth2 issue. For internal tracking: CUST-4222

Make sure your webhook endpoint responds quickly. I was trying to connect to localhost via an ngrok tunnel, and it was too slow, so I was getting Webhook URL does not meet the requirements errors every time. I’ve since written and deployed a web app on Amazon AWS Lambda / API Gateway to handle the Twitter webhooks and now it’s working perfectly. I’ll be sharing that code on GitHub soon.

alans · 2017-05-04T12:02:56.510Z

Thank you. I used the user access token and manage to post.

However I also get the “214: Webhook URL does not meet the requirements” error message. It appears the url is never called (I assume a CRC request is sent when adding a webhook)

Our test server has a different secure port - is specifying a port number in the webhook url not valid?

Example:
https://test.company.com:8474/twitter/webhook

SteveJonesGtr · 2017-05-04T12:41:14.699Z

Couple of things to check.

Have you checked your latency? I just used Pingdom to test my endpoint. If the resulting latency is > 1 second, your webhook endpoint fails the test
Is your response application/json like this:

{
  "response_token": "sha256=x0mYd8hz2goCTfcNAaMqENy2BFgJJfJOb4PdvTffpwg="
}

Where the value is “sha256=” followed by a base64 encoded HMAC SHA256 hash of the incoming crc_token $_GET variable and your Twitter consumer secret.

If not, then you need to get the response into that format.

alans · 2017-05-05T12:28:49.312Z

The issue was the port number in the webhook URL. Seems it is not valid to include it.

edmundwongbp · 2017-05-10T23:52:54.946Z

I also hit the same error with specified webhook port 8443 "214: Webhook URL does not meet the requirements"
I wonder if that is a bug or is it intended? Is Twitter going to support non-standard ports in webhook url?
As far as I know, many other Webhook APIs (e.g. Facebook, Viber, LINE) support non-standard ports.

vinodm06 · 2017-05-12T13:54:12.500Z

Yes I have been granted access.

lucas.asc · 2017-05-12T14:45:19.747Z

I am getting the same issue as @mergenearellano…

[{“code”:261,“message”:"Application cannot perform write actions. Contact Twitter Platform Operations through https://support.twitter.com/forms/platform."}]

Can somebody help me?

andypiper · 2017-05-12T14:51:15.677Z

I’ve heard this reported a few times now, we will have to look into what is happening here.