REST Consumer Keys keep disappearing

api

#1

Every other day I have to go into my app. settings and generate Your Access Tokens because they go “missing”. Just gone. They work for a day or so, then gone. The app. checks all users once / day.

When I regenerate the keys I get a message at the top of the screen “Keys Generated” but I also get “Page does not exist”. I’ve tried various browsers and private window, it makes no difference.

Thoughts on what might be going on?


#2

No one has any thoughts / comments on this issue? I’ve tried opening a support case, it gets closed. I’ve tried contacting @twitterSupport and no answer.

I feel like the last man on earth… Hello?


#3

Have you tried revoking the existing token (via your Twitter account settings page) - which should then result in no access tokens being visible on apps.twitter.com - and then regenerating them?

Access tokens should not “go missing” without manually being revoked, or unless the application is performing any unusual actions which might result in this occurring. What’s the exact pattern of behaviour you are observing?


#4

Thanks for the reply Andy.

I will right after typing this revoke all tokens and completely re-create the app if you think that’ll help. To date application consumer key / secret have been stable but the access tokens “disappear”. I’m not aware of the app hitting any rate limits or anything that would cause a violation.

The exact pattern I see:

  • keys created
  • app set to run 1/day via cron job
  • app checks all followers (~1800), follows, unfollows with a stop limit inside the app of 300 follows / unfollows.
  • app sends email with summary action log

… a few successful days later…

  • I get an email with all kinds of errors and a database full of bad data
  • I check to see what’s up, turns out the access keys are “gone”, not changed, “gone”.
  • I create new keys and update app.
  • app works for a few more days… repeat

Weird right?


#5

Application deleted!


#6

So I just created a new application… and again the “PAGE DOES NOT EXIST” error came up when creating the access tokens. I doesn’t appear to affect anything but the fact that odd stuff is happening I really believe there’s something on the backend going on here.

I’ve updated the application with the new keys. I’ll let you know on or before Monday (March 12) if / when the keys “go missing” again.


#7

A quick update… the app. has been running since Friday and the key’s are still there. Lets hope that deleting everything and starting over fixes the issue.


#8

… AND THEY’RE GONE AGAIN !

At 4:36am last night I got an email from password@twitter.com with the subject:
“For security purposes, your Twitter account has been locked.”

I’ve reset the password as required and see the API keys are gone again.

How do I get more details on what’s happening, both

  1. Regarding the password reset requirement
  2. The disappearing API keys.

#9

Given that you’re describing an automated follow/unfollow app which is against the developer policy and automation rules, I suspect that your app and account are being flagged for suspicious behaviour, and the password is being reset. Since the access tokens are tied to / represent your account, they are also being reset in case your account has been compromised. Note that the consumer key and secret are not being modified, just the access token and secret, as they are specific for your account.


#10

Thanks for the reply Andy. I am aware that…

Automated following/unfollowing: You may not follow or unfollow Twitter accounts in a bulk, aggressive, or indiscriminate manner.

The app simply watches for new followers, sending them a DM and attempts to friend the follower. It has tight limits that fall well short of any of Twitter’s API rate limits.

Of course if you are correct, how can I verify this? Is there a way to identify WHY the account is being flagged and/or locked? I ask sincerely as I want to correct this issue, not work around it.

Thanks


#11

This is not a question of rate limits, this is about the fact that the automated behaviour the app is exhibiting is against the developer policy and rules. I’m afraid I’m not able to comment further beyond pointing to the policy. Thank you.