Here is the screenshot from postman for active entities,
However, I have access to the Ads account as shown here.
My App ID is 19136003. Any help would be appreciated. Thank you!
In general, these issues could be due to missing or incorrect authentication credentials. It could also be an issue with the signature due to reserved characters not being properly encoded. More information here.
That being said, we’ve heard of issues with Postman. See this GitHub issue or search the forums for more information.
The active entities in the postman URL appears to be incorrect - it should have /stats in the path. The error message shouldn’t return a 401 so is misleading. Could you provide the exact API request and post the response headers here?
Hi @osowskit1, @juanshishido, the issue is with getting stats, I tried the following, and still getting an unauthorized request.
Provided the start_time and end_time to be expressed in ISO8601. Example: 2017-05-19T07:00:00Z .Here is my code snippet,. I use the same code for campaigns, lineitems and active entities and they all work great except for the stats.
- Is the order of the params alphabetical too? As I have them sorted alphabetically before genrating the signature.
- What should the encoded start_time and end_time look like before generating the signature?
eg: end_time=2020-11-26T00%3A00%3A00Z
Requested URL:
https://ads-api.twitter.com/8/stats/accounts/knz4a?end_time=2020-11-26&entity_ids=hllds&entity=LINE_ITEM&granularity=DAY&metric_groups=ENGAGEMENT&placement=ALL_ON_TWITTER&start_time=2020-11-25
We strongly recommend using an existing library that generates OAuth 1.0a authentication headers. The following pages can help you determine how to make authenticated requests and create a signature.
In most cases, Postman is able to create authenticated requests as well as Twurl. Many developers inspect the headers generated by either of these tools to help determine how to generate the appropriate headers.
Hi @osowskit1, I have tried the requests in Twurl and here are the header and URL campared to the ones generated by my code. Twurl works my code does not, and its only the stats api call which fails with unauthorized.
Twurl URL:
“GET /8/stats/accounts/{{accountid}}?end_time=2020-11-26T01%3A00%3A00Z&entity_ids=hllds&entity=LINE_ITEM&granularity=DAY&metric_groups=ENGAGEMENT&placement=ALL_ON_TWITTER&start_time=2020-11-25T01%3A00%3A00Z”
OAuth header from trace
“OAuth oauth_consumer_key=”{{consumerkey}}", oauth_nonce=“WWbGReO9Zrqygjq6BGdGDtHANvWu9L3bYYl7eXBU4”, oauth_signature=“x9iL%2Fbj%2FbCCRL4gNKpAnnHmSU8I%3D”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1606921744”, oauth_token="{{token}}", oauth_version=“1.0"”
Code Generated URL:
“https://ads-api.twitter.com/8/stats/accounts/{{accountid}}?end_time=2020-11-26T01%3A00%3A00Z&entity_ids=hllds&entity=LINE_ITEM&granularity=DAY&metric_groups=ENGAGEMENT&placement=ALL_ON_TWITTER&start_time=2020-11-25T01%3A00%3A00Z”
Code generated OAuth header
“OAuth oauth_consumer_key=”{{consumerkey}}", oauth_nonce=“f6252258ac2c4a50b356ba371e0d8fd0”, oauth_signature_method=“HMAC-SHA1”, oauth_signature=“TLD44d1XhkF5t60hRL3c9R1AaCw%3D”, oauth_timestamp=“1606921081”, oauth_token="{{token}}", oauth_version=“1.0"”
I dont see any difference expect for the obvious ones, like timestamp, nonce, signature. Does the order of the params in the header matter. I have them sorted alphabetically.
Any help is really appreciated.
@osowskit1, here is the response I get through code with the error.
{StatusCode: 401, ReasonPhrase: ‘Authorization Required’, Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
Cache-Control: no-store, no-cache, max-age=0
Date: Wed, 02 Dec 2020 14:58:04 GMT
Set-Cookie: personalization_id=“v1_ACxAXKgWwoLta4Lecka+tA==”; Max-Age=63072000; Expires=Fri, 02 Dec 2022 14:58:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
Set-Cookie: guest_id=v1%3A160692108445306236; Max-Age=63072000; Expires=Fri, 02 Dec 2022 14:58:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
Server: tsa_b
strict-transport-security: max-age=631138519
x-api-version: 8.0
x-connection-hash: 7268b245caf41053a83d2c4cc3fc0e53
x-content-type-options: nosniff
x-current-api-version: 8.0
x-frame-options: SAMEORIGIN
x-response-time: 11
x-runtime: 5.3E-5
x-transaction: 00d5b4010012b824
x-xss-protection: 0
Content-Length: 122
content-disposition: attachment; filename=json.json
Content-Type: application/json; charset=utf-8
}}
“{“errors”:[{“code”:“UNAUTHORIZED_ACCESS”,“message”:“This request is not properly authenticated”}],“request”:{“params”:{}}}”
@juanshishido and @osowskit1, just to make sure my oauth signature code is working as expected, I updated the params in my code to match the ones mentioned in the API documentation.
And I was successfully able to produce the following signature. (
This means my code works)
But when I follow the authorization documentation (https://developer.twitter.com/en/docs/authentication/oauth-1-0a/authorizing-a-request), I notice that the params are same but the signature shown here is not what is generated, and does not match the signature present on the signature creation documentation page.
How ever the params are same. Not sure how to produce this signature. Please explain.
Thank you!
@osowskit1, @carmenjyuen, @juanshishido
I am really stuck with Stats endpoint. All other endpoints for campaigns, line_items, activeentities work perfectly.
Appreciate your help. Thank you!
Could you verify that the request succeeds using Twurl. If so, you can use the -T option to print the authentication headers and use this to help modify your source to generate the same signature.
I would also consider using an open source library for HTTP requests that supports OAuth 1.0a as this is very tricky to implement.
@osowskit1, Thank you for the help. I was able to tweak my code to update the signature logic and generate the same signature as Twurl.
One difference I see between the following is, campaigns, line_items and active entities work when the time is specified like 2020-11-26T05:00:00Z. But, stats request works only when the time is specified like 2020-11-26.
1 Like
hello ,
i’m having a trouble when creating a function to make the card using twitter adds …always it returns me {“errors”:[{“code”:“UNAUTHORIZED_ACCESS”,“message”:“This request is not properly authenticated”}],“request”:{“params”:{}}}
this is the code of the function :
Hello I receive a 401 and this error message, can someone please tell me what it’s about? On my side it seems all good. I’m trying to use the Ads API. I’m using appscript and I can retrive the token but when I run the function to get the account info I get the error
{ errors:
[ { code: 'UNAUTHORIZED_ACCESS',
message: 'This request is not properly authenticated' } ],
request: { params: {} } }```
@juanshishido, @osowskit1 it’s possible to help me with my question? Thank you.
I’d recommend opening a new thread to track these questions separately and including the API request URL and query parameters. We strongly recommend developers use libraries that support generating OAuth 1.0a headers for your language rather than trying to build this out. I would also suggest trying the same request using Twurl to verify the request is valid.
