Authentication

The API accepts 3 different authentication methods:

O auth2 user token (oauth2)

Retrieve an Access Token with the OAuth 2.0 flows described below before accessing the API. Once you have an access token, send it in the Authorization HTTP header to authenticate with the API.

Flow type authorizationCode
Authorization URL https://api.twitter.com/2/oauth2/authorize
Token URL https://api.twitter.com/2/oauth2/token
Scopes
  • like.read:

    Allows the app to read Tweets that the authenticated user has liked.

  • list.read:

    Allows the app to view any lists the authenticated user has created and lists they are a member of, including private lists.

  • mute.read:

    Allows the app to read the users the authenticated user has muted.

  • block.read:

    Allows the app to read the users the authenticated user has blocked.

  • like.write:

    Allows the app to like and un-likes Tweets for the authenticated user.

  • list.write:

    Allows the app to create and manage lists for the authenticated user.

  • mute.write:

    Allows the app to mute and unmute users for the authenticated user.

  • space.read:

    Allows the app to read the Spaces the authenticated user can see.

  • tweet.read:

    Allows the app to view any Tweets the authenticated user can see, including Tweets from protected accounts.

  • users.read:

    Allows the app to view any account the authenticated user can see, including protected accounts.

  • block.write:

    Allows the app to block and unblock users for the authenticated user.

  • tweet.write:

    Allows the app to tweet and retweet for the authenticated user.

  • follows.read:

    Allows the app to read the users who follow the authenticated user and users that they follow.

  • bookmark.read:

    Allows the app to read bookmarked Tweets

  • follows.write:

    Allows the app to follow and unfollow users for the authenticated user.

  • bookmark.write:

    Allows the app to add/remove Tweets to/from bookmarks

  • offline.access:

    Allows the app to request a refresh token.

  • tweet.moderate.write:

    Allows the app to hide and unhide replies to the authenticated user's Tweets.

Bearer token (http)

Send a bearer token in the Authorization HTTP header to authenticate with the API.

User token (http)

Send a oauth token in the Authorization HTTP header to authenticate with the API.