Twitter 1.1 OAuth authenticity_token_error(99)

Question

I use the following code to get the bearer token:

$token = base64_encode($client_id.\':\'.$client_sec);

$data = array (\'grant_type\' => \'client_credent         


        

Answer 1

I struggled with this for awhile and none of the answers I've found seemed to help. The documentation for the error is also a vague "something went wrong".

My problem is that I was using a mashup of code I found, and the headers weren't used correctly:

$headers = array(
    'Authorization' => 'Basic ' . base64_encode($appid . ':' . $secret), // WRONG!!!

    'Authorization: Basic ' . base64_encode($appid . ':' . $secret),     // Correct!
    'Content-Type: application/x-www-form-urlencoded;charset=UTF-8',     // Correct!
);

For me, the problem was that the Authorization header was using key-value format, while the content-type header was not. This broke the authorization header.

Here are some other things to check that also relate to error 99:

1. Verify that your credentials are correct and base64 encoded (see above)
2. Make sure the request is using POST
3. Ensure the content-type is set (see above)
4. Make sure you included grant_type=client_credentials as a post field.
5. SSL is required, make sure that is being used (https://)
6. Try verbose logging to help debugging. It should include SSL certificate information, your authorization header, and content type header. This won't show the grant_type field though, only headers.
7. If everything looks OK but it still won't work, you might be getting rate limited. Rate limits reset every 15 minutes.

When you finally get your access token, make sure you cache it to avoid rate limiting. You get 450 requests every 15 minutes, I believe. Half of that will be spent on getting your access token if you don't cache it!