How to register a webhook url in Twitter?

oauth
api
webhooks

#17

I am getting the same issue as @mergenearellano:

Application cannot perform write actions. Contact Twitter Platform Operations

Everything is set up correctly and I have received the email saying my app was granted access to this beta. I looked at the support link but it looks pretty generic and I couldn’t find an option that really addressed the problem. Can I DM someone to get this sorted? Company name would be Tuunio.


#18

Updating this thread with the findings of the investigation with @Ricardo. Thanks for your help in narrowing this down!

Providing user access tokens with OAuth1.0a appears to work around this issue. Developers will need to use OAuth1.0a eventually to send Direct Messages on behalf of a user, anyway.

We’ll continue to investigate the app-only OAuth2 issue.

For internal tracking: CUST-4222


#19

When I try to use a user access token with OAuth 1.0a, I get this error:

{
  "errors": [
    {
      "code": 214,
      "message": "Webhook URL does not meet the requirements. Please consult: https://dev.twitter.com/webhooks/securing"
    }
  ]
}

Just can’t get past this stage, I’m afraid.

The docs say that a “detailed error message” will be given, but this is about as generic as it gets. I have no idea why the Webhook URL is failing, and there’s nothing in the error to help narrow it down.

I’ve read the securing docs and followed every step in detail, but it’s just not working for me.

I’m worried about repeatedly trying this as the app is in production. Wonder if I can migrate my beta access to a different app ID - any Twitter devs that can advise on that?


#20

@SteveJonesGtr, the error could be from one of the following:

  • Invalid CRC token or response format. I’ll be discussing this in this thread.
  • High latency on CRC GET request. You’re webhook should respond in less than 1 second.
  • Non-200 response code to CRC GET request (i.e. 404, 500, etc).

And, yes, the error message could be better. We’ll provide this as beta feedback.

We can enable a development app. Fill out another request with this form and mention that your production app was already approved. The submissions are reviewed every couple of days.


#21

@joncipriano - thanks for the quick reply and the detailed information - which would be useful in the documentation. I’ve filed the request for the staging version of the app.

My response is the right format, and there is definitely a 200 response. So the only thing that could be failing is the latency - I’m using ngrok as a tunnel to localhost, which seems pretty slow. I’m seeing 370ms on our staging server, so that should eliminate that.

Where is the latency measured from? ie. where are your servers? I’m based in London, and so are my servers, so it might be a bit of a penalty in terms of latency if they are being pinged from California!


#23

@SteveJonesGtr, yeap, it’s probably your ngrock tunnel. My teammate had a similar issue running a tunnel to his localhost. I don’t think location is going to be huge factor as we have developers up and running with webhooks in India, Middle East and Asia. Unfortunately, I’m not going to have an easy solution for tunnels. It’s a use case we have to discuss here. If you do find a fast tunneling service, please ping us.

As for a complicated solution you can do the following: Deploy a webapp that proxies requests to your ngrock tunnel. The webapp can handle the CRC GET request itself without proxying to your localhost. For POST requests the webapp should immediately respond with a 200 and then relay the request to your ngrock tunnel. You can achieve something similar with an AWS API Gateway and Lambda.


#24

I am getting the same “Application cannot perform write actions.” message when trying to register a webhook with POST.

I’m using the application-only bearer token and using GET works on the same endpoint. We got the email saying we had been granted access to the beta API and the app has the read and write setting enabled.


#25

@alans - It works if you use a user access token instead of application OAuth2 authentication. See this post by @joncipriano:

Make sure your webhook endpoint responds quickly. I was trying to connect to localhost via an ngrok tunnel, and it was too slow, so I was getting Webhook URL does not meet the requirements errors every time. I’ve since written and deployed a web app on Amazon AWS Lambda / API Gateway to handle the Twitter webhooks and now it’s working perfectly. I’ll be sharing that code on GitHub soon.


#26

Thank you. I used the user access token and manage to post.

However I also get the “214: Webhook URL does not meet the requirements” error message. It appears the url is never called (I assume a CRC request is sent when adding a webhook)

Our test server has a different secure port - is specifying a port number in the webhook url not valid?

Example:
https://test.company.com:8474/twitter/webhook


#27

Couple of things to check.

  1. Have you checked your latency? I just used Pingdom to test my endpoint. If the resulting latency is > 1 second, your webhook endpoint fails the test
  2. Is your response application/json like this:
{
  "response_token": "sha256=x0mYd8hz2goCTfcNAaMqENy2BFgJJfJOb4PdvTffpwg="
}

Where the value is “sha256=” followed by a base64 encoded HMAC SHA256 hash of the incoming crc_token $_GET variable and your Twitter consumer secret.

If not, then you need to get the response into that format.


#28

The issue was the port number in the webhook URL. Seems it is not valid to include it.


#29

I also hit the same error with specified webhook port 8443 "214: Webhook URL does not meet the requirements"
I wonder if that is a bug or is it intended? Is Twitter going to support non-standard ports in webhook url?
As far as I know, many other Webhook APIs (e.g. Facebook, Viber, LINE) support non-standard ports.


#30

Yes I have been granted access.


#31

I am getting the same issue as @mergenearellano

[{“code”:261,“message”:"Application cannot perform write actions. Contact Twitter Platform Operations through https://support.twitter.com/forms/platform."}]

Can somebody help me?


#32

I’ve heard this reported a few times now, we will have to look into what is happening here.


#34

@lucas.asc, as mentioned earlier in this thread, please use OAuth1.0a with user access tokens to create the webhook config.


#35

I’m using OAuth1.0a and getting this response. App id: 13780376

array(1) {
  ["errors"] => array(1) {
    [0] => array(2) {
      ["code"] => int(87)
      ["message"] => string(47) "Client is not permitted to perform this action."
    }
  }
}

Adding webhook url doesn't work
#36

Hey @DanielCHood,

That error means your app hasn’t been granted the permission to use the API. I see a record for your name and that we granted access, though. I’ll follow up with the right folks here and I would expect this to be resolved by eod next Monday if not earlier.


#37

Hi all, in an attempt to keep things tidy I’ll be locking this thread and summarizing the issues/solutions below for newcomers. if you are still having issues, please start a new thread with the webhooks tag, so we can address your specific issue. Thanks you for your participation and your patience as we improve the developer experience through this beta.


Error Code 87: Client is not permitted to perform this action.

This error means your app has not been whitelisted for access. Please apply using this form. If you applied and received a confirmation email that you have been granted access, please provide your app ID and name/company and we’ll look into it.


Error Code 261: Application cannot perform write actions. Contact Twitter Platform Operations through https://support.twitter.com/forms/platform.

If you received this error, try using OAuth1.0a with user access tokens of the owner of the application. If you are still receiving this error, follow through with Platform Operations with the provided link in the error message.


Error Code 214: Webhook URL does not meet the requirements. Please consult: https://dev.twitter.com/webhooks/securing

This can be caused by the following reasons:

  • Invalid CRC token or response format. Token is incorrect or invalid json format.
  • High latency on CRC GET request. Your webhook should respond in less than 3 seconds. Can be caused by a slow tunnel or misconfiguration of SSL.
  • Non-200 response code to CRC GET request (i.e. 404, 500, etc).

This has been noted as an area for improved error messaging and documentation.


Unable to setup Webhook -- "URL" is not valid
Twitter webhook registration
Account Activity API Issue
Unable to register/unregister/list webhooks for application
Can't setup a webhook,i keep getting this message: {"errors":[{"code":87,"message":"Client is not permitted to perform this action."}]}
Unable to register webhook URL, getting 214 error message
Access to ACCOUNT ACTIVITY API
Webhook Registration Failed, throwing an erro "code": 32, "message": "Could not authenticate you."
Registering a webhook url with app owner access token: 32 - Could not authenticate you
"Application cannot perform write actions" on newly granted access to environments
#38