Timestamp out of Bounds when calling oauth request_token




I am trying to integrate the oauth flow in my application.

I am getting a 401 when calling the oauth/request_token endpoint with this error:

"message": "401 - {\"errors\":[{\"code\":135,\"message\":\"Timestamp out of bounds.\"}]}",

This is my authorization header:

"Authorization": "OAuth oauth_callback=http%3A%2F%2F127.0.0.1%3A3000%2Ftwitter%2Foauth_callback,oauth_consumer_key=MYKEY,oauth_nonce=150255341200200,oauth_signature_method=HMAC-SHA1,oauth_timestamp=1502553412002,oauth_version=1.0,oauth_signature=d09f2f2a39e51909442ae6ca717e4aeba7066fda"

I can see in the response header that the server time for Twitter is:`“date”: “Sat, 12 Aug 2017 15:56:52 GMT”

If I take my timestamp and convert it to a GMT date I get: Saturday, August 12, 2017 3:56:52.002 PM

I am not sure why it is considered out of bounds.



It sounds like your server’s clock is not set correctly. OAuth signatures need the current timestamp included in the signature and the timestamp has to be within 5 minutes of Twitter’s server’s timestamps.


But from the look of it, the timestamp sent as part of the authorization matches the time that is show in the reponse header from twitter. I would see a difference if not. Or am I missing something?