Retrieving email address with app-only auth and bearer token



Application Id: 16019147
I have the correct callback URLs, Terms of Service and Privacy Policy URLs set. I have also set the permissions to request the email address. I get authenticated correctly, but when I call the API “” with the proper bearer token, I get the response back as “You do not have permission to access this resource”. According to the documents online, this should be working fine. Any help here would be greatly appreciated.
To be precise - getting this error when making the above call to get email address:

Your credentials do not allow access to this resource. Error code: 220


Can you please try it using user context auth, meaning with your api keys and your access tokens?


@LeBraat - I think I did try it, but maybe I am not doing it correctly. Is there an example on how to call that API with my Access Token? I am already using my Consumer API key and secret to authenticate. I am doing App only authentication. Shall I not use the bearer token?


I keep getting Error code 215 - Bad Authentication data. I think I might not be formatting the Authorization header correctly? This is what I have:

string str = "OAuth oauth_consumer_key=my consumer key,oauth_consumer_secret=my consumer secret,oauth_version=1.0,oauth_token=my API access token,oauth_token_secret=my api access token secret";

client.DefaultRequestHeaders.Add("Authorization", str);


I am not doing Bearer token anymore. So, this is what my Authorization header looks like with my own API access tokens etc. I get Error code 32: “Could not authenticate you”

OAuth oauth_consumer_key="my consumer key", oauth_nonce="GUID generated for every request", oauth_signature="created as recommended by Twitter", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1545226354", oauth_token="API access token", oauth_version="1.0"



@LeBraat - another update
So, if my request looks like this: key&oauth_nonce=NjM2ODA4MDgyMjIxNzIyNTQ3&oauth_signature_method=HMAC-SHA1&oauth_signature=computed signature&oauth_timestamp=1545229422&oauth_token=my api token&oauth_version=1.0

then I get the JSON back. But, I need email as well. When I add the query parameter “include_email=true” in the above request, I get Error code 32: “Could not authenticate you”.

So, some progress, but what next?


@LeBraat Finally I got it to work. There was an issue with my signature.
But, I shouldn’t have to do this and based on documentation on Twitter, I should be able to achieve this by using the “App only authentication” i.e. using the bearer token. That approach is much simpler. Right?
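
An added example, not part of the original posts and not Twitter's own code: a minimal OAuth 1.0a HMAC-SHA1 signer showing why a signature computed before `include_email=true` was appended stops verifying once the parameter is in the request. The URL, keys, secrets and nonce are constructed placeholders, and `signature_for` and `server_accepts` are hypothetical helper names.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(value):
    # RFC 3986 encoding required by OAuth 1.0a: only A-Z a-z 0-9 - . _ ~ stay literal.
    return quote(str(value), safe="~")

def signature_base_string(method, base_url, query_params, oauth_params):
    # Query parameters are signed together with the oauth_* fields
    # (oauth_signature itself excluded), sorted after encoding.
    pairs = sorted((pct(k), pct(v)) for k, v in {**query_params, **oauth_params}.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])

def sign(base_string, consumer_secret, token_secret):
    # The two secrets form the HMAC key only; they never travel in the header.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    return base64.b64encode(hmac.new(key, base_string.encode(), hashlib.sha1).digest()).decode()

def authorization_header(oauth_params, signature):
    fields = dict(oauth_params, oauth_signature=signature)
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(fields.items()))

# Constructed placeholders: hypothetical URL, fake keys and secrets.
URL = "https://api.example.invalid/resource.json"
CONSUMER_SECRET, TOKEN_SECRET = "consumer-secret", "token-secret"
OAUTH = {
    "oauth_consumer_key": "CONSUMER_KEY",
    "oauth_nonce": "constructed-nonce-1",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1545229422",
    "oauth_token": "ACCESS_TOKEN",
    "oauth_version": "1.0",
}

def signature_for(query_params):
    return sign(signature_base_string("GET", URL, query_params, OAUTH), CONSUMER_SECRET, TOKEN_SECRET)

def server_accepts(query_params, presented_signature):
    # The server rebuilds the base string from the request it actually received.
    return hmac.compare_digest(signature_for(query_params), presented_signature)

stale = signature_for({})                         # signed before the parameter was added
fresh = signature_for({"include_email": "true"})  # signed over the final query string

if __name__ == "__main__":
    print("stale signature, include_email added:", server_accepts({"include_email": "true"}, stale))
    print("fresh signature, include_email added:", server_accepts({"include_email": "true"}, fresh))
    print(authorization_header(OAUTH, fresh))
```

The header built here carries only the consumer key, token, nonce, timestamp, method, version and signature; the consumer secret and token secret appear nowhere in it.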


I’m curious where you are seeing this? On this page in our docs, it says user context only next to authentication.

If this was a hassle to set up the signature, you could always use twurl or a tool such as Twitter oauth or Insomnia. These all automatically handle your signature, nonce, and timestamp for you.


@LeBraat - In this article it says " * Retrieve any user information;". Maybe it can be clarified further to say excluding email or something like that?


This is a good suggestion - we will look into updating that page in the documentation to make this more clear. Apologies for any confusion here, and thanks for persevering!

