OAuth not working through the windows service



I am hitting the Rest API http://api.twitter.com/1/users/show.json?screen_name=demouser1209 using the windows service.

Problem is that we in our application not making more than 150 calls per hour but server has many applications which are calling different rest APIs. So, unfortunately our service is facing rate limit issue.

So we are trying to implement the OAuth. We have followed the steps mentioned over here https://dev.twitter.com/docs/auth/authorizing-request. But unfortunately even after sending the authentication request we are getting the rate limit of 150 only. So that means the authentication is not working. But we are also not getting any X-Warning in the response header so I am not sure where we are failing.

I have even verified the signature against the one getting created using the OAuth tool under My Application over twitter dev site. They are matching perfect.

Also, when I try switching to version 1.1 of API, I am getting the “400 bad request” error which is having information as “Protocol Error”.

It will be great if someone can help me resolve the issue.



Can you provide an example of a failed request? Specifically:

  • The signature base string used in the request
  • The authorization header you send
  • Any other headers you send (some of these like Content-Type and Content-Length can have an impact on auth)
  • The actual URL you’re executing


Thanks for the reply. Below are the required details:

  • The signature base string used in the request - Get&http%3A%2F%2Fapi.twitter.com%2F1%2Fusers%2Fshow.json&oauth_consumer_key%3D4YvSLBx1iyv3Bx1ZhgUeeY7g%26oauth_nonce%3DNjM0ODg5MjQ1NjczNjAxMDU0%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1353307967%26oauth_token%3D192886379-MeF7yOWsTUspK0biaEgj3XV3KzGDwUfa5MRlRXet%26oauth_version%3D1.0%26screen_name%3Ddemouser1209
  • The authorization header you send - OAuth oauth_consumer_key="4YvSLBx1iyv3Bx1ZhgUeeY7g", oauth_nonce="NjM0ODg5MjQ1NjczNjAxMDU0", oauth_signature="mh8WVYmX918eu5VdEERuakZ6q4E%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1353307967", oauth_token="192886379-MeF7yOWsTUspK0biaEgj3XV3KzGDwUfa5MRlRXet", oauth_version="1.0"
  • Any other headers you send (some of these like Content-Type and Content-Length can have an impact on auth) - authorizationRequest.ContentType = "application/x-www-form-urlencoded"; authorizationRequest.Method = "GET";
  • The actual URL you're executing - http://api.twitter.com/1/users/show.json?screen_name=demouser1209

It will be great if we can get this resolved soon. Thanks in advance!!!


Is your signature base string using “Get” or “GET” within it? That’s the most obvious problem I see here – “Get” isn’t a valid string to start a signature base string with.


Thanks a lot…!!! It has started working for the api 1.1. You are simply amazing, such a small mistake and you catch that in the first glance.