Statuses/lookup API with app-only authentication fails with 215, Bad authentication data



I’ve been trying to use to get a list of tweets. I was under the impression that this API can be called with Application-only authentication, so I have set up my consumer key and consumer secret. Following the steps in gets me to the point where I have a bearer token. But step 3, where I should be able to issue a call with the "Bearer " + bearer_token, is not working. It returns “Bad Authentication data”.

  1. Is this API in fact accessible via app-only authentication? All I want to do is get the Tweet text
  2. From the docs I don’t think I need to encode the bearer token. Is this correct?

I’d appreciate any help. If this has been answered elsewhere, my apologies – but I can’t see exactly relevant posts any later than 2013, where they were discussing OAuth 1.0A.



Please post a sample call like you sent it, hiding your Bearer token in the post.


Thanks for the reply. I’m using Python requests to make this call:

tweet_url = ''
headers = {}
headers['Authorization'] = 'Bearer ' + access_token
headers['User-Agent'] = 'SciKitTut v1.0'

{‘Authorization’: u’Bearer *****************************’, ‘User-Agent’: ‘SciKitTut v1.0’}

r = requests.get(tweet_url, headers)



u’{“errors”:[{“code”:215,“message”:“Bad Authentication data.”}]}’

I’m not sure if the User Agent header is required here, or if it is, what my application’s version is. I was following the example at and thought I would try it. I am probably making a very basic mistake somewhere.


According to Custom Headers you should be using a named key for headers.

r = requests.get(tweet_url, headers=headers)


Can’t believe I missed that completely. Thanks @Abraham - looks like it’s working now.