Webhooks error code 32: Could not authenticate you



Hi There,

I’m trying to create a webhook using Ruby and Faraday library. Here’s my request:

# client
#  => #<Twitter::REST::Client:0x007fd7c19015f0
# @access_token="token is here",
# @access_token_secret="secret is here",
# @consumer_key="key is here",
# @consumer_secret="secret is here">

headers = Twitter::Headers.new(client, :post, 'https://api.twitter.com/1.1/account_activity/webhooks.json')

Faraday.post do |req|
  req.url('https://api.twitter.com/1.1/account_activity/webhooks.json', url: '')
  req.headers['Authorization'] = headers.oauth_auth_header.to_s

As far as docs go - this should work. However I get {"errors":[{"code":32,"message":"Could not authenticate you."}]} response :frowning:

this is my request when executed:

#<struct Faraday::Env
   body="{\"errors\":[{\"code\":32,\"message\":\"Could not authenticate you.\"}]}",
   url=#<URI::HTTPS https://api.twitter.com/1.1/account_activity/webhooks.json?url=http%3A%2F%2F127.0.0.1%2Fwebhooks%2Ftwitter>,
    #<struct Faraday::RequestOptions params_encoder=nil, proxy=nil, bind=nil, timeout=nil, open_timeout=nil, boundary=nil, oauth=nil>,
    {"User-Agent"=>"Faraday v0.9.2",
      "OAuth oauth_consumer_key=\"secret info here\", oauth_nonce=\"secret info here\", oauth_signature=\"secret info here\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"info here\", oauth_token=\"secret info here\", oauth_version=\"1.0\"",

Getting desperate. Please Help!

  • Yaroslav

I have applied for access for two of my applications and got response from twitter saying "Great news! We’ve granted you beta access to the Account Activity API. The app ID you submitted in your application now has the ability to access the webhooks."
A bit worried that I put two application ids in the form (app_id & app_id) instead of one. Can this be a issue?

Could not authenticate you when setting webhook


It could certainly be related to using the incorrect app ID. Beyond that, it looks like you are attempting to set up the webhook consumer to be an internal address ( Are you using a tunneling service, like PageKite of ngrok?


Hi again,

For what’s it worth, here is a github bot/Account Activity (AA) project that is Ruby/Sinatra based. It uses the OAuth gem for AA/DM calls, and also the ‘twitter’ gem for uploading media for DMs with photos.



Thanks for the AA project, I already have Streaming API working and am trying to replace it with webhooks :slightly_smiling_face:
I thought localhost might be the problem, so tried ngrok too, but the problem remains. Also tried changing url from http to https:

Faraday.post do |req|
  req.url('https://api.twitter.com/1.1/account_activity/webhooks.json', url: 'https://54bc1a39.ngrok.io/webhooks/twitter')
  req.headers['Authorization'] = headers.oauth_auth_header.to_s
  req.headers['Content-Type'] = 'application/x-www-form-urlencoded'

=> #<Faraday::Response:0x007fa14eeba388
  #<struct Faraday::Env
   body="{\"errors\":[{\"code\":32,\"message\":\"Could not authenticate you.\"}]}",

Using the same credentials for posting tweets or even streaming API works just fine.
Could you check internally whether webhooks are enabled for 12895014 and 12894888 ? I’d really appreciate that.




I’m not an user of Ruby but maybe it will work for you : Registering a webhook url with app owner access token: 32 - Could not authenticate you

Otherwise, I has the same error and for me it was a problem with my Authorization header. I solved this in C# with RestSharp thus I can’t help you much ^^ Hope that it will help you !

Good luck ! :smiley:


If it can help you, for solve my problem, I used fiddler and postman for the see the difference between the postman’s request and my request. It’s how I seen the difference between the authorization header.

Cya !


Thanks a lot, freyjow

I did check the Authorization header dozens of times now and it seems correct to me.
Also you can see that application/x-www-form-urlencoded content type header is there too :frowning:
Will try postman to find the difference.


If the request with postman works, try to swap the postman auth header with your request. If it works, the problem is from the header, otherwise I don’t know ^^
Good luck :slight_smile:


Many Thanks for your help freyjow!

Unfortunately webhooks don’t work even with postman. I’ve tried posting a tweet and creating a webhook with same credentials. Tweet was posted without an issue but webhook still returns error code 32.

Posting Tweet:

Creating webhook:

I’ll leave this for today. Tomorrow I’ll fill the application form for webhooks access again. However this time I’ll specify only one app_id, not two (app_id & app_id) like the last time.


U don’t fill the good form in postman :smiley:

U need to fill the form in the Body tab for the webhook.


Ha, you are absolutely right! After changing request to what you have on your screenshot I’m getting 214 error which is definitely a progress!

I’ll investigate this now. Thanks!


No problem !
Good luck for the rest :smile:


For future googlers:

After changing ngrok url from http to https everything seems to work.
I think I need a drink…

Thanks again freyjow, that’s all thanks to you mate :slightly_smiling_face: