Post status always get 403 - python requests


#1

This is my code. The token I get works fine. It can do search, but every time I do post status it gives me 403. I am sure that my app’s access level is read and write. I have also try the TwitterAPI, it also gives me 403:

{“errors”:[{“code”:220,“message”:“Your credentials do not allow access to this resource.”}]}

key_secret = '{}:{}'.format(client_key, client_secret).encode('ascii')
b64_encoded_key = base64.b64encode(key_secret)
b64_encoded_key = b64_encoded_key.decode('ascii')

base_url = 'https://api.twitter.com/'
auth_url = '{}oauth2/token'.format(base_url)

auth_headers = {
    'User-Agent': 'python-TwitterAPI',
    'Authorization': 'Basic {}'.format(b64_encoded_key),
    'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'
}

auth_data = {
    'grant_type': 'client_credentials'
}

auth_resp = requests.post(auth_url, headers=auth_headers, data=auth_data)
access_token = auth_resp.json()['access_token']

print auth_resp.status_code

tweet_headers = {
  'Authorization': 'Bearer {}'.format(access_token)
}
tweet_data = {
  'status': 'test test test test test'
}

tweet_url = '{}1.1/statuses/update.json'.format(base_url)

tweet_resp = requests.post(tweet_url, headers=tweet_headers, data=tweet_data)
print tweet_resp.status_code
print tweet_resp.text

#2

OK I see, OAuth2 does not works for me but OAuth1 works fine. Is this something as expected?


#3

Yes. The bearer token-only Oauth flow is “application-only” authentication, so you have no user context. You need to include a user token and secret with your request in order to do anything requiring write access to a user account.


#4

Get it thanks a lot!


#5