[SOLVED] {"errors":[{"message":"Invalid or expired token","code":89}]}


Getting this message on a brand new application, why? So frustrating, just want to chuck twitter out the door atm. Hours burned.

What friggen token? Doesn’t it live until I flip the switch to change it manually?

Any ideas?!

I have read the doco’s on code numbers etc. I have tried several of the php twitter libraries and they all return the same code? Have recreated several applications. OAuth tool is processing on API site. Why not from any server I experiment on? (trying not to go spacko, swear, pull the pin on twitter API, I’m stressed).

Need help on this a.s.a.p.


I got this when I got mixed up between the authorization and access tokens. You have two pairs of tokens, and the library I used called them both oauth_token and oauth_token_secret but in two different arrays, I used the wrong pair and got the same error as you. The pair you want is where the token starts with your Twitter ID followed by a hyphen.

If you haven’t already, go to the settings for your app and you should see a heading called ‘Your access token’, and a link to generate them, these will give you your access tokens (or it’ll display your access tokens if you’ve already done this), it’s these ones you’ll need as these won’t change.

Let me know if that points you in the right direction.


Hang on, hold this coffee while I kick myself up the bum.

Thanks @mattrogowski legendary doesn’t even start to approach it, all working now, many thanks.


I encountered the same error, but for a different reason; my application needed to enabled (via Twitter web pages) to authorize login credentials, in addition to having read/write permissions.


Hello !
I encouter the same error, but I can’t just go and take the access token to send a message, because I want to get the accreditations to post with an application, with the account of my users.
So how can I get the Access Token, with these Oauth_Token ??
Thank’s a lot


There was an error: {“errors”:[{“message”:“Invalid or expired token”,“code”:89}]}


How do we fix this error? All my settings and imput on the site seem correct.


If you’re using tmhOAuth, you need to ‘reconfigure’ the parameters using the access token and access secret found app settings in dev.twitter.com before doing the request to /account/verify_credentials.

$tmhOAuth->reconfigure(array_merge($tmhOAuth->config, array( 'token' => , 'secret' => , )));
$code = $tmhOAuth->user_request(array(
	'url' => $tmhOAuth->url('1.1/account/verify_credentials')	


You need to use the oauth_token and oauth_token_secret returned from the oauth/access_token call instead of the one in your app’s settings in dev.twitter.com

$code = $tmhOAuth->user_request(array( 'method' => 'POST', 'url' => $tmhOAuth->url('oauth/access_token', ''), 'params' => array( 'oauth_verifier' => trim($params['oauth_verifier']), ) ));
if ($code == 200) {
	$oauth_creds = $tmhOAuth->extract_params($tmhOAuth->response['response']); 
	// echo '<pre>';print_r($oauth_creds);exit;

  	$tmhOAuth->reconfigure(array_merge($tmhOAuth->config, array(
    	'token'  => $oauth_creds['oauth_token'],
    	'secret' => $oauth_creds['oauth_token_secret'],

$code = $tmhOAuth->user_request(array(
	'url' => $tmhOAuth->url('1.1/account/verify_credentials')	



yes thanks




i have just recreate the access token…it worked fine for me … (Y)


thanks, worked for me too!


Hello, have anyone tested apis in soap ui? what values need to configure for authentication. i’m getting “invalid or expired token 89”


Hi I have problem with twitter silent post, if i authorized to application once then, who can i manage token or secret for future so i must not to go twitter site each time.

is there any way ? can any body provide me same sample code too?
I am using “codebird” library for this!

Thanks in advance .



echo " sign in with twitter ";


setcookie(“oauth_token_secret”, “xxx”);
$connection = new TwitterOAuth(‘UNfNzgWAfNXTScA9cIzvfYGyk’, ‘vJn6H1uFE7S3TRw517VzWkIDwIYszY3W7gAtfSaZwsmCX7HJ80’);
$request_token = $connection->getRequestToken(‘http://direct.metricglobal.com/twitter/callback.php’);

$oauth_token = $token = $request_token['oauth_token'];
$oauth_token_secret = $request_token['oauth_token_secret'];
setcookie("oauth_token_secret", $oauth_token_secret); 
if( $_COOKIE["oauth_token"] == "xxx" ||  $_COOKIE["oauth_token_secret"] == "xxx" )
		switch ($connection->http_code) 
			case 200:
				$url = $connection->getAuthorizeURL($token);
				header('Location: ' . $url);
			    echo "Coonection with twitter Failed error no ".$connection->http_code;




$oauth_token = $_COOKIE["oauth_token"];
$oauth_token_secret = $_COOKIE["oauth_token_secret"];
$oauth_verifier = $_REQUEST['oauth_verifier']; 

$connection = new TwitterOAuth('UNfNzgWAfNXTScA9cIzvfYGyk',   'vJn6H1uFE7S3TRw517VzWkIDwIYszY3W7gAtfSaZwsmCX7HJ80', $oauth_token);
$access_token = $connection->getRequestToken($_REQUEST['oauth_verifier']); 

if( $connection->http_code == 200 ) 
$content = $connection->get('account/verify_credentials');

echo "<pre>", print_r($content, true)  , "</pre>";

echo "connection error code is ".$connection->http_code;


It prints output like-

stdClass Object
    [errors] => Array
            [0] => stdClass Object
                    [message] => Invalid or expired token
                    [code] => 89



Will you please let me know were i am going wrong and why its not printing the info about logged in user? I tank you all in advance.


Most cases, this error is not from your code.
You should try managing your app on twitter and changing the permission to “Read, Write and Direct Messages”.