POST oauth2/token
Allows a registered application to obtain an app-only OAuth 2.0 Bearer Token, which can be used to make API requests on behalf of an App (as opposed to a user).
Only one Bearer Token may exist per App. Repeated requests to this method will yield the same already-existent token until it has been invalidated.
Tokens received by this method should be stored according to our authentication best practices. If attempted too frequently, requests will be rejected with a HTTP 403 with code 99.
Endpoint URL¶
https://api.twitter.com/oauth2/token
Authentication¶
Authentication | Basic authentication - Use your API Key as the username, and the API Secret Key as the password |
Query parameters¶
Name | Required | Description | Example |
grant_type | required | Specifies the type of grant being requested by the application. At this time, only client_credentials is allowed. See App-Only Authentication for more information. | client_credentials |
Example request¶
To use the following cURL request, just replace $API_KEY and $API_SECRET_KEY with credentials from your App:
curl --request POST -u$API_KEY:$API_SECRET_KEY \
--url 'https://api.twitter.com/oauth2/token?grant_type=client_credentials'
Example response
HTTP/1.1 200 OK
Status: 200 OK
Content-Type: application/json; charset=utf-8
...
Content-Encoding: gzip
Content-Length: 140
{"token_type":"bearer","access_token":"AAAA%2FAAA%3DAAAAAAAAxxxxxx"}