Twitter APIs handle enormous amounts of data. The way we ensure this data is secured for developers and users alike is through authentication. There are a few methods for authentication, each listed below.
Most developers will not need to work with the details of authentication as Twitter client libraries already implement the protocol. Supported libraries >
When to use
The most common methods used by the Twitter Developer Platform are OAuth 1.0a and OAuth 2.0 Bearer Token. The best place to check the authentication method required for an endpoint is the API reference page.
Some differences between OAuth 1.0a and OAuth 2.0 Bearer Token methods are:
|Use case||OAuth 1.0a||OAuth 2.0 Bearer Token|
|Pull user timelines||✔||✔|
|Get trends data||✔||✔|
|Post, like, or Retweet a Tweet||✔|
|Retrieve a users' email address||✔|
|Read or write advertiser data||✔|
Required keys and tokens
|Consumer API Keys
Access Token & Access Token Secret
|Rate Limits||Distinct per User and sometimes Twitter developer app||Distinct per Twitter developer App|
Your app's Consumer API Keys and Bearer Token, as well as your personal Access Token and Access Token Secret can be obtained from the Twitter developer apps section found in the developer portal. To generate access tokens for a different user, you will need to use the 3-legged OAuth process.