invalidate_token returns forbidden result with invalid credentials


#1

Hello,
I get application authorization token bearer with /oauth2/token method. (and I am able to call user_timeline.json with it.) However, I get forbidden error when I try to invalidate the token I obtained before. I am guessing that the error is caused by the access_token I set, even though I am pretty sure I set the access_token exactly the same way as it came from the /oauth2/token method.
I would appreciate if somebody could point out what I am missing? Should I url encode the post data (I tried, but I still got the error).

curl --request "POST" "https://api.twitter.com/oauth2/token" --data "grant_type=client_credentials" --header "Authorization: Basic ZHQ1YlpTZ213WEhmU2hkaE1JYmNVZzpHQUExS0FXcUJKY2xHMzNxSnByU3p6elh6Wkh6eUFQdTNqaWF6A3d=" --insecure
{"token_type":"bearer","access_token":"AAAAAAAAAAAAAAAAAAAAAGAZSAAAAAAAgx%2FA%2BjhexEy7C7Z7raUCJPvVLwA%3Dfhsr5nCGSG0os0hlzj3KYoAVIAEnpZ0BlIVvVnO78fd"}
curl --request "POST" "https://api.twitter.com/oauth2/invalidate_token" --data "access_token=AAAAAAAAAAAAAAAAAAAAAGAZSAAAAAAAgx%2FA%2BjhexEy7C7Z7raUCJPvVLwA%3Dfhsr5nCGSG0os0hlzj3KYoAVIAEnpZ0BlIVvVnO78fd" --header "Authorization: Basic ZHQ1YlpTZ213WEhmU2hkaE1JYmNVZzpHQUExS0FXcUJKY2xHMzNxSnByU3p6elh6Wkh6eUFQdTNqaWF6A3d=" --insecure
{"errors":[{"code":99,"label":"authenticity_token_error","message":"Unable to verify your credentials"}]}

best regards,


#2

Did you ever get /oauth2/invalidate_token working? I’m trying to add support for it to a library, but It isn’t working as advertised.