Read-only apps fail to call users/lookup with POST method


#1

The document says " You are strongly encouraged to use a POST for larger (up to 100 screen names) requests."
https://dev.twitter.com/docs/api/1.1/get/users/lookup

But with read-only application, it fails with “{“errors”:[{“code”:89,“message”:“Error processing your OAuth request: Read-only application cannot POST”}]}”.


[Thu Dec 27 17:41:41 JST 2012]Request:
[Thu Dec 27 17:41:41 JST 2012]POST http://api.twitter.com/1.1/users/lookup.json
[Thu Dec 27 17:41:41 JST 2012]OAuth base string: POST&http%3A%2F%2Fapi.twitter.com%2F1.1%2Fusers%2Flookup.json&include_entities%3D1%26include_rts%3D1%26oauth_consumer_key%3DmrYp6rawWJHeyXaWi3GB5w%26oauth_nonce%3D907176478%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1356597701%26oauth_token%3D6358482-Nzazk4c1U1kcHUP3e9OB4EJ9W0eBuZ3VxRsB9dAuo%26oauth_version%3D1.0%26user_id%3D255794088%252C441705930%252C100581062%252C49255734%252C996328051%252C559170296%252C119261332%252C373027695%252C18515199%252C83777877%252C28973601%252C228325562%252C3474001%252C297909405%252C79159050%252C94355673%252C882514368%252C97212832%252C6459802%252C124127525%252C9121432%252C57142748%252C15797140%252C985973888%252C216250008%252C121663344%252C14832427%252C54904048%252C47539662%252C22330739%252C41032024%252C24160034%252C70614432%252C489294299%252C165725102%252C203209274%252C93831273%252C49661959%252C15670331%252C30597967%252C194643708%252C70630881%252C105973663%252C114333005%252C76407522%252C5898822%252C43796154%252C5929112%252C14118563%252C64378588%252C60287587%252C28745562%252C77718059%252C106944925%252C15744975%252C81170234%252C98512820%252C20766533%252C91238103%252C15965719%252C351559615%252C5371072%252C582489524%252C367671660%252C4037021%252C52773639%252C440662114%252C14288985%252C3868621%252C13585812%252C3811061%252C14724896%252C5491152%252C4862261%252C106114624%252C459133564%252C6609032%252C4175171%252C565734536%252C174637883%252C834785976%252C338234111%252C278590903%252C205621126%252C7362472%252C329830408%252C116640150%252C52106559%252C831322291%252C53856691%252C313143098%252C563798434%252C219589985%252C5420012%252C15142903%252C107381955%252C117652722%252C188738873%252C167628541
[Thu Dec 27 17:41:41 JST 2012]OAuth signature: V3xx6L7W/pOk4iL/mXjXGFNdoZY=
[Thu Dec 27 17:41:41 JST 2012]Authorization: **********************************************************************************************************************************************************************************************************************************************************************************
[Thu Dec 27 17:41:41 JST 2012]X-Twitter-Client-URL: http://twitter4j.org/en/twitter4j-3.0.4-SNAPSHOT.xml
[Thu Dec 27 17:41:41 JST 2012]X-Twitter-Client: Twitter4J
[Thu Dec 27 17:41:41 JST 2012]Accept-Encoding: gzip
[Thu Dec 27 17:41:41 JST 2012]User-Agent: twitter4j http://twitter4j.org/ /3.0.4-SNAPSHOT
[Thu Dec 27 17:41:41 JST 2012]X-Twitter-Client-Version: 3.0.4-SNAPSHOT
[Thu Dec 27 17:41:41 JST 2012]Post Params: user_id=255794088%2C441705930%2C100581062%2C49255734%2C996328051%2C559170296%2C119261332%2C373027695%2C18515199%2C83777877%2C28973601%2C228325562%2C3474001%2C297909405%2C79159050%2C94355673%2C882514368%2C97212832%2C6459802%2C124127525%2C9121432%2C57142748%2C15797140%2C985973888%2C216250008%2C121663344%2C14832427%2C54904048%2C47539662%2C22330739%2C41032024%2C24160034%2C70614432%2C489294299%2C165725102%2C203209274%2C93831273%2C49661959%2C15670331%2C30597967%2C194643708%2C70630881%2C105973663%2C114333005%2C76407522%2C5898822%2C43796154%2C5929112%2C14118563%2C64378588%2C60287587%2C28745562%2C77718059%2C106944925%2C15744975%2C81170234%2C98512820%2C20766533%2C91238103%2C15965719%2C351559615%2C5371072%2C582489524%2C367671660%2C4037021%2C52773639%2C440662114%2C14288985%2C3868621%2C13585812%2C3811061%2C14724896%2C5491152%2C4862261%2C106114624%2C459133564%2C6609032%2C4175171%2C565734536%2C174637883%2C834785976%2C338234111%2C278590903%2C205621126%2C7362472%2C329830408%2C116640150%2C52106559%2C831322291%2C53856691%2C313143098%2C563798434%2C219589985%2C5420012%2C15142903%2C107381955%2C117652722%2C188738873%2C167628541&include_entities=1&include_rts=1
[Thu Dec 27 17:41:41 JST 2012]Response:
[Thu Dec 27 17:41:41 JST 2012]HTTP/1.1 401 Unauthorized
[Thu Dec 27 17:41:41 JST 2012]WWW-Authenticate: OAuth realm=“http://api.twitter.com
[Thu Dec 27 17:41:41 JST 2012]X-Rate-Limit-Limit: 180
[Thu Dec 27 17:41:41 JST 2012]Content-Length: 118
[Thu Dec 27 17:41:41 JST 2012]X-Transaction: 7e3d4c9942d7532c
[Thu Dec 27 17:41:41 JST 2012]X-MID: 00ae7283e946935a77fca8531e1c3b871952160a
[Thu Dec 27 17:41:41 JST 2012]Expires: Tue, 31 Mar 1981 05:00:00 GMT
[Thu Dec 27 17:41:41 JST 2012]X-Access-Level: read
[Thu Dec 27 17:41:41 JST 2012]Last-Modified: Thu, 27 Dec 2012 08:41:41 GMT
[Thu Dec 27 17:41:41 JST 2012]X-Rate-Limit-Remaining: 177
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCK4rhts7AToHaWQiJWNiMGQwMWM3NTk4Yjg3%250AZTQxOWM3YmFiNGE3ODA2ZTljIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOgxjc3JmX2lkIiU5ZGYy%250AOTBkNTM2MDM3MWU4OGE1NGQ2OTcwOTFlYmI3Ng%253D%253D–af29f065fa202cc144050b89ab77c90f5bcfead5; domain=.twitter.com; path=/; HttpOnly
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: lang=en; path=/
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: lang=en; path=/
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: dnt=; domain=.twitter.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: guest_id=v1%3A135659770153759317; domain=.twitter.com; path=/; expires=Sat, 27-Dec-2014 20:41:41 GMT
[Thu Dec 27 17:41:41 JST 2012]Set-Cookie: k=10.36.55.114.1356597701532983; path=/; expires=Thu, 03-Jan-13 08:41:41 GMT; domain=.twitter.com
[Thu Dec 27 17:41:41 JST 2012]Server: tfe
[Thu Dec 27 17:41:41 JST 2012]Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
[Thu Dec 27 17:41:41 JST 2012]Pragma: no-cache
[Thu Dec 27 17:41:41 JST 2012]X-Frame-Options: SAMEORIGIN
[Thu Dec 27 17:41:41 JST 2012]Status: 401 Unauthorized
[Thu Dec 27 17:41:41 JST 2012]Vary: Accept-Encoding
[Thu Dec 27 17:41:41 JST 2012]Date: Thu, 27 Dec 2012 08:41:41 GMT
[Thu Dec 27 17:41:41 JST 2012]Content-Encoding: gzip
[Thu Dec 27 17:41:41 JST 2012]X-Rate-Limit-Reset: 1356598049
[Thu Dec 27 17:41:41 JST 2012]Content-Type: application/json; charset=utf-8
[Thu Dec 27 17:41:41 JST 2012]{“errors”:[{“code”:89,“message”:“Error processing your OAuth request: Read-only application cannot POST”}]}


#2

I’ve got the same issue. The users/lookup should be a read-only method ?


#3

This is a long-term implementation choice on the Twitter API that may change some day. Until then, if you want to use a POST method, regardless of whether it’s to look up users or not, you need a RW token.


#4

how to solve this problem?