Subscribe to account activity
User - A Twitter @user account. All write actions on the Twitter API require the user context. If you are building a bot, then the bot is a user. Customers interacting with the bot are also users. All messages sent on Twitter are between two User entities. For authentication purposes, each User has an Access Token (API key) and Access Token Secret (API secret) associated with it.
App - A Twitter app is created on apps.twitter.com. An app is always owned by a single user. The app provides the base context for using the Twitter API.
Why do I need access tokens for user accounts?
All write actions using the Twitter API require access tokens. Reading of private data such as Direct Messages also require access tokens. Access tokens provide the user context and permissions when using the Twitter API.
In order for an app to read and write Direct Messages on behalf of a user, the user must grant permission to the app to do so. When a user grants permission, user tokens generated for that user are provided in API requests. Each subsequent API request for that user will then include these access tokens.
How do I generate the access tokens to read/write direct messages?
First, your app must have the “Read, Write and Access direct messages” permission enabled on the “Permissions” tab on apps.twitter.com.
Once the proper permissions are set, there are two types of scenarios where you will need to generate tokens:
1. User owns the app / Single User - If the user is the owner of the app, you can generate tokens on apps.twitter.comunder the “Keys and Access Tokens” tab. Click the “Create my Access Tokens” button on the bottom of the page.
2. User does not own the app / Multiple Users - If your app is going to consume Account Activity events on behalf of multiple users, each user must authenticate with your app to grant permission. To achieve this you must have a web app that implements Twitter Sign-in.
If you have access to the user accounts (e.g. test accounts) then you can use twurl. By adding the user account to twurl, access tokens will be generated. The access tokens for each user will be stored in a .twurlrc file. See the docs for twurl on github for details.
- Once you have obtained user Access Tokens, you are ready to add Account Activity subscriptions. See our Managing your webhooks and adding subscriptions for more information.
- Learn more about these topics:
- See Account Activity API references.
- Learn more about Twitter authentication.
- See example code: