Should the nonce and timestamps of the signature and for the token request have the same values or different?


#1

Should the nonce and the timestamp the signature and the request token request ( https://api.twitter.com/oauth/request_token ) be the same or different?

i.e. When I make the signature with a nonce and timestamp, should I use that same nonce and timestamp in the Authorization header for when I make my request to https://api.twitter.com/oauth/request_token?

I keep getting “Failed to validate oauth signature and token”

Does the timestamp have to be the same as the current time? I am in development phase and doing this not in my program but separately to see if I can get the correct response before I start to code. Is the say 15 second delay causing the problem?


#2

The values you use for signing must be the same values you use for the request. The purpose of the signature is to allow Twitter to verify that the values have not been tampered with.