Using bearer tokens

What is a bearer token?

Bearer tokens allow for a more secure point of entry for developers to use the Twitter APIs. They are one of the core features of OAuth 2.0. Bearer tokens are a type of access token; authentication that uses bearer tokens is sometimes also known as application-only authentication or auth-only authentication.

A bearer token is a byte array of unspecified format that you generate via a script like a curl command. More information about this feature can be found here in OAuth’s official documentation.

When are they used?

The products that require use of a bearer token are as follows:

Prerequisites

You will first need to create a Twitter app. To do so, you are going to need an approved developer account. You can apply for a developer account here.

After you have completed the initial setup, you will need to grab your consumer API key and API secret key from your Twitter app. For more information about locating your keys, please review our documentation on the subject.

How to generate a bearer token

Below is a curl command that you can run from your command line to create a bearer token:

curl -u 'API key:API secret key' \
  --data 'grant_type=client_credentials' \
  'https://api.twitter.com/oauth2/token'


Be sure to replace API key and API secret key with your alphanumeric consumer API key and API secret key. For this example, the result you get back is as follows:

{"token_type":"bearer","access_token":"bearer token"}


Here is what the response would look like with a decommissioned token:

{"token_type":"bearer","access_token":"AAAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F"}


In this case, the bearer token that you would use to authenticate to resources is:

AAAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F
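The token request and response handling above, as an added shell example that is not part of the original documentation: it passes the key and secret to curl through a config read from standard input rather than on the command line, and accepts the response only when token_type is "bearer". The function names and the TWITTER_API_KEY and TWITTER_API_SECRET environment variable names are assumptions.

```shell
#!/bin/sh
# Added example. Function names and the TWITTER_API_KEY / TWITTER_API_SECRET
# variable names are assumptions, not part of the Twitter documentation.

# Emit a curl config for the token request. Feeding it to `curl --config -`
# keeps the key and secret out of argv (process listings) and shell history.
token_request_config() {
    for v in "$1" "$2"; do
        case $v in
            ''|*[!A-Za-z0-9]*)
                echo "credentials must be non-empty and alphanumeric" >&2
                return 1 ;;
        esac
    done
    printf 'user = "%s:%s"\n' "$1" "$2"
    printf 'data = "grant_type=client_credentials"\n'
    printf 'url = "https://api.twitter.com/oauth2/token"\n'
}

# Print access_token from a response body, but only when token_type is
# "bearer". Returns 1 for error bodies or any other token type.
extract_bearer_token() {
    printf '%s' "$1" |
        grep -Eq '"token_type"[[:space:]]*:[[:space:]]*"bearer"' || return 1
    token=$(printf '%s' "$1" |
        sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')
    [ -n "$token" ] || return 1
    printf '%s\n' "$token"
}

# Request a token using credentials taken from the environment.
request_bearer_token() {
    config=$(token_request_config "${TWITTER_API_KEY:-}" "${TWITTER_API_SECRET:-}") ||
        return 1
    response=$(printf '%s\n' "$config" | curl --silent --fail --config -) ||
        return 1
    extract_bearer_token "$response"
}

# Usage: BEARER_TOKEN=$(request_bearer_token) || echo "token request failed" >&2
```
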

 

Next steps

Be sure to check out our documentation for products that use application-only authentication. Example requests using bearer tokens can also be found in these resources.