Webhook error code 32 - while trying to create a webhook

nidhintkrishna · 2018-02-14T14:53:52.610Z

Hi there,

I am getting an error code 32 - “Could not authenticate you” while trying to create a webhook posting to the URL

https://api.twitter.com/1.1/account_activity/webhooks.json.

All the required permissions are given to the App and the twitter consumer keys and access tokens are specified correctly.

App ID: 14781335
App Name: TwitterBot4TfL

Owner : nidhintkrishna
Owner ID : 961535738125877248

Do I need to request any other access separately?

Could you please setup my account to access the Account Activity API (beta)?

Thanks
Nidhin

nidhintkrishna · 2018-02-15T09:18:31.699Z

Hello,

Is there a way to resolve this issue?

Thanks
Nidhin

MelisaCecilia · 2018-02-15T09:35:15.795Z

Hi,
You need to use this one with “all” instead of the one they put in the default documentation
https://developer.twitter.com/en/docs/accounts-and-users/subscribe-account-activity/api-reference/aaa-standard-all

nidhintkrishna · 2018-02-15T09:56:17.686Z

@MelisaCecilia

Thanks for the reply.

I tried the same but now getting thrown with an error “{“errors”:[{“code”:200,“message”:“Forbidden.”}]}”

The code which I am trying looks like below:

// twitter authentication
var twitter_oauth = {
  consumer_key: nconf.get('TWITTER_CONSUMER_KEY'),
  consumer_secret: nconf.get('TWITTER_CONSUMER_SECRET'),
  token: nconf.get('TWITTER_ACCESS_TOKEN'),
  token_secret: nconf.get('TWITTER_ACCESS_TOKEN_SECRET')
}

var WEBHOOK_URL = 'https://<domain>/webhook/twitter'
WEBHOOK_URL = WEBHOOK_URL.replace(/\!/g, "%21")
        .replace(/\'/g, "%27")
        .replace(/\(/g, "%28")
        .replace(/\)/g, "%29")
        .replace(/\*/g, "%2A");

// request options
var request_options = {
  url: 'https://api.twitter.com/1.1/account_activity/all/:DevNK/webhooks.json',
  oauth: twitter_oauth,
  headers: {
    'Content-type': 'application/x-www-form-urlencoded'
  },
  form: {
    url: WEBHOOK_URL
  }
}

// POST request to create webhook config
request.post(request_options, function (error, response, body) {
  console.log(body);
})

andypiper · 2018-02-15T10:25:52.242Z

nidhintkrishna:

:DevNK

The value of this part of the URL should be env-beta during the beta period.

nidhintkrishna · 2018-02-15T10:36:02.299Z

@andypiper

Thanks for the reply. I tried the same but getting the same result:

{“errors”:[{“code”:200,“message”:“Forbidden.”}]}

The code now looks like this:

// twitter authentication
var twitter_oauth = {
  consumer_key: nconf.get('TWITTER_CONSUMER_KEY'),
  consumer_secret: nconf.get('TWITTER_CONSUMER_SECRET'),
  token: nconf.get('TWITTER_ACCESS_TOKEN'),
  token_secret: nconf.get('TWITTER_ACCESS_TOKEN_SECRET')
}

var WEBHOOK_URL = 'https://<domain>/webhook/twitter'
WEBHOOK_URL = WEBHOOK_URL.replace(/\!/g, "%21")
        .replace(/\'/g, "%27")
        .replace(/\(/g, "%28")
        .replace(/\)/g, "%29")
        .replace(/\*/g, "%2A");

// request options
var request_options = {
  url: 'https://api.twitter.com/1.1/account_activity/all/env-beta/webhooks.json',
  oauth: twitter_oauth,
  headers: {
    'Content-type': 'application/x-www-form-urlencoded'
  },
  form: {
    url: WEBHOOK_URL
  }
}

// POST request to create webhook config
request.post(request_options, function (error, response, body) {
  console.log(body);
})

nidhintkrishna · 2018-02-15T12:09:06.834Z

@andypiper

I can see in many previous posts with similar issue telling something about white-listing the App. Can you please tell if something like that needs to be done and if required can you get it done?

Thanks
Nidhin

nidhintkrishna · 2018-02-15T13:16:01.860Z

Hi,

Any updates on this?

Thanks
Nidhin

andypiper · 2018-02-15T16:08:33.955Z

Hey Nidhin - I’m hearing that your app ID 14592712 should have access. Apologies but there is no easy way to change this during the beta. If you use the tokens for that app you should be able to try this out.

syed_tfl · 2018-02-16T11:41:49.845Z

Hi @andypiper
I work alongside @nidhintkrishna and that’s [14592712] my app ID. I sort of understand when you say that a dev environment is bind to a single app in beta. It’d be useful if you could just elaborate what a dev environment is for. Is that just a sandbox env with mock tweets and config options?

My other question is that I’ve that app 14592712 and on my twitter handle @syed_tfl I’ve given full access to that app. When I try to authenticate using my credentials on;
/account_activity/webhooks.json,
I get the following error back
{"errors":[{"code":32,"message":"Could not authenticate you."}]}.

But, when I use post to /account_activity/all/env-beta/webhooks.json, it seems to like it. Why it doesn’t work with the above endpoint?

Also, do I need the “dev env aka env-beta” for DM & DM quick replies & buttons?

What I want to do it to have the app / bot api running on my machine, authenticate itself with twitter via CRC, then use then post and receive realtime DMs using the non env-beta api calls.

pazpurua · 2018-02-16T12:11:23.002Z

Hello. I am having the same problem. It was working last week
Yours Pedro

syed_tfl · 2018-02-16T13:08:18.152Z

Hi @andypiper, just to follow up on the above, I’ve few questions around…
“Developing against Account Activity API via webhooks”
account_activity/webhooks/:webhook_id/<apis>

What is a dev environment and it’s purpose from developers point of view?

Does it only work for tweets using streaming API calls?

We have multiple developers working on the bot app / bot api, that will send / receive realtime DMs / Buttons / QRs.

Each developer require his/her own developer access to Activity API?
One developers has already acquired access to Activity API on behalf of the organisation and added other developers to his / her team. Can each developer use their Consumer Key / Secret to authenticate with Twitter via CRC from the bot app / bot api running on their machine?

We are writing a bot app / bot api, which will handle POST/GETs from multiple Twitter Apps (DM). Such, that each handle (our handle), gives permission to the App created on Twitter using same twitter account.
The users will then post DM to the handle (on Twitter)

Taking point 2 above into consideration, does each developer on the team need to create their on App, go back to Twitter and allow that App to read, write & DM? Then, use the consumer key / secret of their App and authorise with twitter via CRC (as mentioned above)

You’ve asked @nidhintkrishna to use account_activity/all/:env-beta/<apis>.

So what endpoint we use when we make our bot app / bot api (deployed to Cloud) and Twitter App Live?
I mean do we use account_activity/all/env-beta/ (don’t think so) or account_activity/webhooks/:webhook_id/<apis>

Can we use account_activity/webhooks/:webhook_id/<apis>, during development (not using the dev environment, which I don’t think we need for the Apps we are building)? If, so going back to my initial post, why does it fail?

Many thanks
Syed

syed_tfl · 2018-02-19T16:52:04.296Z

Hi,

It’d be nice to get some feedback here.

Regards
Syed

andypiper · 2018-02-19T17:14:45.166Z

Thanks for your patience, some of the folks that are best placed to help are not available today, but we’ll get back with more information when possible.

syed_tfl · 2018-02-19T17:26:11.487Z

Thanks @andypiper

KyleW · 2018-02-21T04:37:16.167Z

Hey @syed_tfl - There are a lot of questions in here, let me know if I miss anything

A dev environment is new for the premium APIs we are launching. For our search products, for example, you could use multiple environments to ensure you don’t hit a rate limit on a production environment, simply because of heavy testing on a staging environment. For the Account Activity API, you could have multiple environments to set up multiple webhooks. There is a current limit of one webhooks per environment.
I would encourage you set up an organization developer account and invite the other developers to that account like you did. You can only have a single webhook during the beta, and as a result, you will need to ensure the owning user credentials are the one you are responding to a CRC check with. There is no real ability to share that webhook URL.
I want to confirm I understand - You will have a single Client app which will post DMs on behalf of multiple @handles. If you want to use the Account Activity API, I would subscribe those @handles to the single webhook you have set up, and then allow those other developers to parse/act on the events as they come in.
You need to POST, PUT, GET, etc to the URI you mentioned account_activity/all/env-beta/ (see the docs)
No - the URI is broken out in a uniform way - /account_activity/:product/:environment/:route
Once we are out of beta, you will be able to name the environment as you see fit.