Can you make API calls using the same token to other end points such as account/verify_credentials?
xAuth really has nothing to do with making API calls themselves.
Was there any time you may have revoked your application access on twitter.com, generated an access token on dev.twitter.com, or otherwise re-invoked the authorization flow for the access token?
