skip to Main Content

I’m having trouble understanding how the Twitter authorization system works. I’m using next-auth to authenticate with Twitter and I get back a response that looks like:

account: {
    provider: 'twitter',
    type: 'oauth',
    id: 12345,
    refreshToken: '12345OdWwHk85yESQCNkRrqkLUIQ78SCKh4Ry',
    accessToken: '20744357-12345eJhOMjEEuuMARXF6DS7fZKqcyIULw',
    accessTokenExpires: null
  }

How can I use that to make calls against the Twitter API?

Using twitter-lite, how can I use the refreshToken and accessToken to authorize requests? It seems that I need access_token_key and access_token_secret.

Any help would be forever appreciated.

2

Answers


  1. Follow their documentation to sign your requests with the access tokens u have which is provided over here. I’m guessing you are working with OAuth 2.0 which gives you limited access to Twitter API.

    https://developer.twitter.com/en/docs/basics/authentication/overview

    The token you have posted seems like a bearer token ( OAuth 2.0). It won’t work with the API you are trying to use. https://developer.twitter.com/en/docs/basics/authentication/oauth-2-0/application-only , you need to check with next-auth if they support Twitter OAuth 1.0. I will research next-auth too

    Login or Signup to reply.
  2. NextAuth incorrectly refers to access_token_secret as refreshToken. Use the value present in refreshToken. I tested this with Twitter Provider and it works.

    Have raised an issue with nextauth https://github.com/nextauthjs/next-auth/issues/1321

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search