Still can't access Ads API


#1

Hi,

I’m trying to test the Ads API but after get my application approved by Twitter as developer access, I still can’t make requests to https://ads-api.twitter.com/3/stats/accounts/, for example.

It always return an error that says I’m not authorized, but I can create a bearer token and input it in my request to Ads API. I can’t understand what’s going on:

{
    "code": "UNAUTHORIZED_ACCESS",
    "message": "This request is not properly authenticated"
}

App ID: 14823183

Thanks,
Alexandre.


#2

Hi @jotacom_oficial,

Can you please provide your app ID just so I can confirm you have access?

In the meantime, typically, the UNAUTHORIZED_ACCESS response points to missing or incorrect authentication credentials. We strongly recommend reading the Guidance for UNAUTHORIZED_ACCESS issues page as well as using twurl to help debug authentication issues.

Once you are able to successfully make the request using twurl, you can be fairly certain that there was an issue with your authentication credentials and not with access to the Ads API. If you need further assistance, please visit the OAuth category.

Try running the following and copy paste both the request / response:
*Note -t will give us more granular info to debug!

$ twurl -t -H ads-api.twitter.com "/3/accounts" | jq

#4

Hi @goforbrent,

Offcourse, my App ID is 14823183.

By the way, there’s a way to use app-only authentication? Because we’re planning to use the Ads API in our application to collect ads data from Twitter for our customers.

Also, using twurl, i got success on my request, it returned all my accounts.

Thanks,
Alexandre.


#5

Hi @jotacom_oficial,

Given that we can confirm twurl correctly works with your access and that your app ID 14823183 is configured with the right access. I would look at the headers when using “twurl -t” and figure out how those differ from your questions being sent with your own code. There is nothing technically from the Twitter side that is blocking auth.


#6

Hi @goforbrent,

There’s my log from twurl:

GET /3/accounts HTTP/1.1
Accept-Encoding: gzip;q=1.0,deflate;q=0.6,identity;q=0.3
Accept: */*
User-Agent: OAuth gem v0.5.4
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth oauth_consumer_key="{oauth_consumer_key}", oauth_nonce="{oauth_nonce}", oauth_signature="{oauth_signature}", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1520270733", oauth_token="{oauth_token}", oauth_version="1.0"
Connection: close
Host: ads-api.twitter.com
Content-Length: 0


HTTP/1.1 200 OK
connection: close
content-disposition: attachment; filename=json.json
content-encoding: gzip
content-length: 636
content-type: application/json;charset=utf-8
date: Mon, 05 Mar 2018 17:25:34 GMT
server: tsa_b
set-cookie: personalization_id="v1_1KwxEVchyHw3S2n++YQYew=="; Expires=Wed, 04 Mar 2020 17:25:34 UTC; Path=/; Domain=.twitter.com
set-cookie: guest_id=v1%3A152027073410833983; Expires=Wed, 04 Mar 2020 17:25:34 UTC; Path=/; Domain=.twitter.com
strict-transport-security: max-age=631138519
x-access-level: read
x-api-version: 3.0
x-connection-hash: cccdf1071d4a2ca46591c0f55b4f26f3
x-content-type-options: nosniff
x-current-api-version: 3.0
x-frame-options: SAMEORIGIN
x-rate-limit-limit: 2000
x-rate-limit-remaining: 1999
x-rate-limit-reset: 1520271634
x-response-time: 24
x-runtime: 0.009138
x-transaction: 00477ac20098911f
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report

About my code, I’m using Postman to test how to make the requests to apply this in my app in R.

Thanks,
Alexandre.


#7

Hi @goforbrent, do you have any news about this thread?


#8

@jotacom_oficial: It looks like your request to the GET accounts endpoint was successful and that the issue is just with the analytics endpoints.

Ensure that you’re encoding reserved characters appropriately within URLs and POST bodies before preparing OAuth signature base strings.

Source

It’s likely that characters such as : are not being properly encoded in the request.

See this post for more details.


Ads api Asynchronous Analytics fails authorization