Statuses/lookup API with app-only authentication fails with 215, Bad authentication data

oauth
api

#1

I’ve been trying to use https://dev.twitter.com/rest/reference/get/statuses/lookup to get a list of tweets. I was under the impression that this API can be called with Application-only authentication, so I have set up my consumer key and consumer secret. Following the steps in https://dev.twitter.com/oauth/application-only gets me to the point where I have a bearer token. But step 3, where I should be able to issue a call with the "Bearer " + bearer_token, is not working. It returns “Bad Authentication data”.

  1. Is this API in fact accessible via app-only authentication? All I want to do is get the Tweet text
  2. From the docs I don’t think I need to encode the bearer token. Is this correct?

I’d appreciate any help. If this has been answered elsewhere, my apologies – but I can’t see exactly relevant posts any later than 2013, where they were discussing OAuth 1.0A.

Thanks!


#2

Please post a sample call like you sent it, hiding your Bearer token in the post.


#3

Thanks for the reply. I’m using Python requests to make this call:

tweet_url = 'https://api.twitter.com/1.1/statuses/user_timeline.json?count=10&screen_name=twitterapi'
headers = {}
headers['Authorization'] = 'Bearer ' + access_token
headers['User-Agent'] = 'SciKitTut v1.0'
print(headers)

{‘Authorization’: u’Bearer *****************************’, ‘User-Agent’: ‘SciKitTut v1.0’}

r = requests.get(tweet_url, headers)
r.status_code

400

r.text

u’{“errors”:[{“code”:215,“message”:“Bad Authentication data.”}]}’

I’m not sure if the User Agent header is required here, or if it is, what my application’s version is. I was following the example at https://dev.twitter.com/oauth/application-only and thought I would try it. I am probably making a very basic mistake somewhere.


#4

According to Custom Headers you should be using a named key for headers.

r = requests.get(tweet_url, headers=headers)

#5

Can’t believe I missed that completely. Thanks @Abraham - looks like it’s working now.


#6