I’m having trouble understanding how the Twitter authorization system works. I’m using next-auth to authenticate with Twitter and I get back a response that looks like:
account: {
provider: 'twitter',
type: 'oauth',
id: 12345,
refreshToken: '12345OdWwHk85yESQCNkRrqkLUIQ78SCKh4Ry',
accessToken: '20744357-12345eJhOMjEEuuMARXF6DS7fZKqcyIULw',
accessTokenExpires: null
}
How can I use that to make calls against the Twitter API?
Using twitter-lite
, how can I use the refreshToken
and accessToken
to authorize requests? It seems that I need access_token_key
and access_token_secret
.
Any help would be forever appreciated.
2
Answers
Follow their documentation to sign your requests with the access tokens u have which is provided over here. I’m guessing you are working with OAuth 2.0 which gives you limited access to Twitter API.
https://developer.twitter.com/en/docs/basics/authentication/overview
The token you have posted seems like a bearer token ( OAuth 2.0). It won’t work with the API you are trying to use. https://developer.twitter.com/en/docs/basics/authentication/oauth-2-0/application-only , you need to check with next-auth if they support Twitter OAuth 1.0. I will research next-auth too
NextAuth incorrectly refers to
access_token_secret
asrefreshToken
. Use the value present inrefreshToken
. I tested this with Twitter Provider and it works.Have raised an issue with nextauth https://github.com/nextauthjs/next-auth/issues/1321