How use acess token?


#1

Hi,

I am making a simple application in Delphi, just that I can not use accessory token, which parameters I have to use?
https://api.twitter.com/oauth/access_token?oauth_token=AAAAAAAAAAAAAAAAAAAAAAAAAA&oauth_token_secret=BBBBBBBBBBBBBBBBBBBBBBBBBBB

What do I do with the PIN?


#2

OK, I got it returned to me as it is on site with
https://api.twitter.com/oauth/access_token?oauth_consumer_key=X&oauth_nonce=Y&oauth_signature_method=A&oauth_signature=V&oauth_timestamp=N&oauth_token=M&oauth_version=1.0&oauth_verifier=PINCODE

https://dev.twitter.com/docs/api/1/post/oauth/access_token

What I have to do now?


#3

Once you’ve acquired the access token, you use it in very similar ways to how you obtained it.

That request you made to oauth/access_token where you used the oauth_token and oauth_token_secret you received from the oauth/request_token step? That’s how you make API calls. Only now oauth_token and oauth_token_secret come from the access token you received from oauth/access_token.

Here’s a simple call to try, assuming you’re using the access token credentials you got back, a current timestamp, and a resultant matching signature. Notice that no oauth_verifier is sent, as that parameter is only needed/used when obtaining the access token.

https://api.twitter.com/1.1/account/verify_credentials.json?oauth_consumer_key=X&oauth_nonce=Y&oauth_signature_method=A&oauth_signature=V&oauth_timestamp=N&oauth_token=M&oauth_version=1.0

Check out [node:204] for more tips – including one I think you should leverage – use HTTP headers to send OAuth credentials instead of the query string.


#4

I’m getting a new error
{“errors”:[{“message”:“Could not authenticate you”,“code”:32}]}


#5

And how to do I just put the PIN once?


#6

Ok, I got, is returning.
But when I try to access https://api.twitter.com/1.1/users/lookup.json?screen_name=progr4mmer
{“errors”: [{“message”: “Bad Authentication data”, “code”: 215}]}


#7

Great, glad you got to that point. So if this request is failing it’s likely due to the OAuth signature basestring not generating correctly – that screen_name parameter needs to be sorted with all the other parameters (including oauth_*) parameters.

Here’s a quick example of this same call successfully performed, using my own credentials:

URL: https://api.twitter.com/1.1/users/lookup.json?screen_name=progr4mmer

Signature base string:
GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fusers%2Flookup.json&oauth_consumer_key%3D5aA6oofBOFAwN4tfmEYWjg%26oauth_nonce%3DftXkCQeMrj6AcKGI9xNJga5axY8eOGnbk6H2RNAvHtw%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1374849497%26oauth_token%3D119476949-oYGCs2M5duG5QalbOAK2YUZh8zG3ur7DPYo5qIFN%26oauth_version%3D1.0%26screen_name%3Dprogr4mmer

HTTP headers, including the Authorization header:
Accept: /
Connection: close
Authorization: OAuth oauth_nonce=“ftXkCQeMrj6AcKGI9xNJga5axY8eOGnbk6H2RNAvHtw”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1374849497”, oauth_consumer_key=“5aA6oofBOFAwN4tfmEYWjg”, oauth_token=“119476949-oYGCs2M5duG5QalbOAK2YUZh8zG3ur7DPYo5qIFN”, oauth_signature=“7W4NaSOnNzak6c%2FBduD%2FV0sgOXs%3D”, oauth_version=“1.0”


#8

ok