400 "{"errors":[{"message":"Bad Authentication data","code":215}]}

dbounds
@dbounds Darren Bounds

We are currently receiving 400 errors when interacting with the API for previously working requests to verify_credentials.json. The following is the payload: "{"errors":[{"message":"Bad Authentication data","code":215}]}

This is part of our new user signup workflow so basically new users are unable to signup.

1 year 21 weeks ago

Replies

episod
@episod Taylor Singletary

Can you share a user ID this is happening with and any other information about the request? (The HTTP headers you're sending, the exact URL you're executing, and so on?) Thanks!

1 year 21 weeks ago
demotechiestown
@demotechiestown Demo Techiestown

1

1 year 6 weeks ago
dbounds
@dbounds Darren Bounds

Here's one for my user: 14402132

GET /1/account/verify_credentials.json HTTP/1.1
Authorization: OAuth realm="", oauth_token="11300502-mR37JPiUPfgLifLOI3Lj2iv61DQ8DZEq0y0MDMUM", oauth_consumer_key="", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1353519448", oauth_nonce="11120750151629684", oauth_version="1.0", oauth_signature="vd9lb%2FQMAJSs%2BLc1O4rxBIh11Pg%3D"
User-Agent: Jakarta Commons-HttpClient/3.1
Host: api.twitter.com

HTTP/1.1 400 Bad Request
Content-Type: application/json; charset=utf-8
Content-Length: 61
Date: Wed, 21 Nov 2012 17:37:28 UTC
Server: tfe

{"errors":[{"message":"Bad Authentication data","code":215}]}

1 year 21 weeks ago
episod
@episod Taylor Singletary

Thanks, I'm looking into this issue.

1 year 21 weeks ago
dbounds
@dbounds Darren Bounds

Thank you.

1 year 21 weeks ago
episod
@episod Taylor Singletary

Are you actually sending an empty oauth_consumer_key in this case or did you just omit it for the example?

1 year 21 weeks ago
dbounds
@dbounds Darren Bounds

I omitted.

1 year 21 weeks ago
jrgns
@jrgns Jurgens du Toit

Should the oauth_consumer_key be included? The Zend lib that I'm using omits it.

1 year 20 weeks ago
InfowareSolutio
@InfowareSolutio Infoware Solutions1

j

1 year 8 weeks ago
teknotica
@teknotica Silvia Rebelo

Hi Taylor,

Do you mind pasting an example of how the URL for searching will look like with all the Oath parameters needed? I think that will help a lot!

Thank you!

43 weeks 3 days ago
vinayak57750874
@vinayak57750874 vinayak dornala

Hi,

Did you get the final working search URL? We are facing tough time to break this issue. Appreciate your early response

38 weeks 12 hours ago
theuidev
@theuidev Philip Klauzinski

I am encountering the same issue. I'm seeing it pop up in several threads over the last few days, so it must be a bug recently introduced. Any resolution yet?

1 year 21 weeks ago
kongomongo
@kongomongo kongomongo

I am having the same problem.

I have a working test bed where:

get("lists/statuses") works perfectly fine.

if i just swap it to get("statuses/home_timeline") I get the above response.

Am I doing something wrong or is this a bug?

1 year 20 weeks ago
oktopost
@oktopost Oktopost

Did anybody resolve this issue?

1 year 20 weeks ago
bsteinback
@bsteinback Bruce Steinback

For what it's worth, here's what we sent received. It's been working fine for like years until just a few days ago:

20:47:08,665 [http-4321-2] DEBUG Request:
20:47:08,665 [http-4321-2] DEBUG GET http://api.twitter.com/1/statuses/home_timeline.json?include_entities=false
20:47:08,673 [http-4321-2] DEBUG OAuth base string: GET&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.json&include_entities%3Dfalse%26oauth_consum
er_key%3D%26oauth_nonce%3D911738141%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1353635228%26oauth_token%3D136054363-TlI9LsJFSTvDY5GXwXaOVHbfVeseYY
OVnRUS5hE%26oauth_version%3D1.0
20:47:08,675 [http-4321-2] DEBUG OAuth signature: Ke68GcXdObN3dkapvecPH1A8u5w=
20:47:08,678 [http-4321-2] DEBUG Authorization: ****************************************************************************************************************

20:47:08,679 [http-4321-2] DEBUG X-Twitter-Client-URL: http://twitter4j.org/en/twitter4j-2.1.11.xml
20:47:08,679 [http-4321-2] DEBUG X-Twitter-Client: Twitter4J
20:47:08,679 [http-4321-2] DEBUG Accept-Encoding: gzip
20:47:08,680 [http-4321-2] DEBUG User-Agent: twitter4j http://twitter4j.org/ /2.1.11
20:47:08,680 [http-4321-2] DEBUG X-Twitter-Client-Version: 2.1.11
20:47:08,912 [http-4321-2] DEBUG Response:
20:47:08,913 [http-4321-2] DEBUG HTTP/1.1 400 Bad Request
20:47:08,914 [http-4321-2] DEBUG Date: Fri, 23 Nov 2012 01:47:24 UTC
20:47:08,915 [http-4321-2] DEBUG Content-Length: 86
20:47:08,915 [http-4321-2] DEBUG Content-Encoding: gzip
20:47:08,916 [http-4321-2] DEBUG Content-Type: application/json; charset=utf-8
20:47:08,917 [http-4321-2] DEBUG Server: tfe
20:47:08,919 [http-4321-2] DEBUG {"errors":[{"message":"Bad Authentication data","code":215}]}

1 year 20 weeks ago
kongomongo
@kongomongo kongomongo

Not for me, still not working here. Any status?

1 year 20 weeks ago
Mohsin112212
@Mohsin112212 Mohsin

Any resolution on this? I am still seeing this error on "verify_credentials" call. Please update the thread if anybody is able to resolve this issue.

1 year 20 weeks ago
n0bullet
@n0bullet Aliaksei Nikuliak

I have the same issue while I am trying to upload a picture to https://api.twitter.com/1.1/statuses/update_with_media.json:

  1. OAUTH 1.0: Base string: POST&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fupdate_with_media.json&oauth_consumer_key%3DpgdxowbuLIgB93xD5qw84g%26oauth_nonce%3D2335383970711083%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1354007164%26oauth_token%3D56183112-cbXnWNKdVuKK9fXBiuxojwehNeK75cmrPZtaaKeYa%252CpTOvVy4CsKXs6wMOI8a8mGVVfjfQrRPyzmoHjg%26oauth_version%3D1.0.
  2. OAUTH 1.0 (request): Using cosumer key: pgdxowbuLIgB93xD5qw84g, consumer secret: [[[OMITTED]]], token secret: [[[OMITTED]]].
  3. HEADERS (request): Sending Content-Type (multipart/form-data; boundary=---------------------------7dc1251e10222).
  4. HEADERS (request): Sending Connection (close).
  5. HEADERS (request): Sending Accept-Language (en-US).
  6. HEADERS (request): Sending Accept (text/html, application/xhtml+xml, /).
  7. HEADERS (request): Sending User-Agent (Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)).
  8. HEADERS (request): Sending Dnt (1).
  9. HEADERS (request): Sending Authorization (OAuth oauth_consumer_key="pgdxowbuLIgB93xD5qw84g", oauth_nonce="2335383970711083", oauth_signature="LpGAOVa%2BpEwWieeGqS4oxy%2FL91c%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1354007164", oauth_token="56183112-cbXnWNKdVuKK9fXBiuxojwehNeK75cmrPZtaaKeYa%2CpTOvVy4CsKXs6wMOI8a8mGVVfjfQrRPyzmoHjg", oauth_version="1.0").
1 year 20 weeks ago
bsteinback
@bsteinback Bruce Steinback

Thanks for nothing. Workaround applied at our end. Let us know if you ever do get around to this :-(

1 year 20 weeks ago
n0bullet
@n0bullet Aliaksei Nikuliak

Can you share your workaround?
Thanks.

1 year 20 weeks ago
kongomongo
@kongomongo kongomongo

Yes Please give us a hint on how to work around the issue.

Thanks in advance.

1 year 20 weeks ago
farreachsocial
@farreachsocial Farreach.es

We're seeing the same problem, with our app. Any advice on how to work it around?

1 year 20 weeks ago
farreachsocial
@farreachsocial Farreach.es

@dbounds did you solve the problem?

1 year 20 weeks ago
theuidev
@theuidev Philip Klauzinski

My workaround for verifying credentials is to now use the /account/settings.json method and check for a 'screen_name' property being returned. Otherwise, an 'error' property will be returned.

1 year 19 weeks ago
ThorstenSuckow
@ThorstenSuckow Thorsten Suckow

Same problem here. What's the status of the issue?

Edit:
Just to clarify things:
I'm using Zend Framework and it's oauth tools - the issue appears with ZF 1.9 and 1.12. And it only appears when I'm trying to verify credentials. Everything else works fine (timelines, status updates etc.). So I assume it's not an issue of the client library since the same Http Client with the same configuration is re-used for all those actions (timeline update, verify credentials...)

1 year 19 weeks ago
ChuYuYi
@ChuYuYi Chu,Yu-Yi

I'm not sure that i have the same problem with all of you .
I got the response as following
HTTP/1.1 400 Bad Request
Content-Length:0
Connection: Close

I using socket in C++ to get the following of each user.
It was workable two weeks ago. However , i get a bad request now.

What's wrong with my program?

1 year 19 weeks ago
sravi1256
@sravi1256 Ravi Sharma

Yeah :D i got it fixed now let me know if anybody is facing this kind of issue.

1 year 18 weeks ago
tweet2echo
@tweet2echo Tweet 2 echo

I'm still facing this issue. Could you please give a hint

1 year 18 weeks ago
Passion_beat
@Passion_beat PassionBeat

I am facing the same issue can u help me???

41 weeks 6 days ago
Passion_beat
@Passion_beat PassionBeat

I am facing the same issue..I am using PHP..can anyone help me???

41 weeks 6 days ago
dilorias
@dilorias Dmitry Lobanov

have the same problem

{"errors":[{"message":"Bad Authentication data","code":215}]}

curl -X GET -H "Authorization: OAuth oauth_nonce="OAUTH_ONCE", oauth_timestamp="1355389805", oauth_version="1.0", oauth_consumer_key="CONSUMER_KEY", oauth_signature="SIGNATURE", oauth_signature_method="HMAC-SHA1", oauth_callback="rstwitterengine%3A%2F%2Fauth_token""

and it is strange, cause epochconverter.com said to me, that oauth_timestamp is NOW date

1 year 18 weeks ago
jurerick
@jurerick jur erick porras

it looks like no one can solve the issue

1 year 13 weeks ago
AlexanderZak
@AlexanderZak Alexander Zak

:(

1 year 13 weeks ago
jayaprakash1313

I am getting error
{"errors":[{"message":"Bad Authentication data","code":215}]}

for using this Url
https://api.twitter.com/1.1/statuses/home_timeline.json?screen_name=username

so can any one fix this bug.

1 year 9 weeks ago
episod
@episod Taylor Singletary

Are you using OAuth when you connect?

The home timeline doesn't take a screen_name parameter. You only get the home timeline of the authenticating user.

1 year 9 weeks ago
WahabAtEphlux
@WahabAtEphlux Abdul Wahab

how to use OAuth, I have token, verifier etc, and I tried to use these in url parameters, and in request header too, but still having bad authentication data since last weekend,
Kindly let me know the proper format where and how to send the required credentials, as this link (http://stackoverflow.com/questions/14095272/twitter-api-1-1-gives-error-code-32) says something is needed to be sorted, I tried header parameter sorted too, but still same error.
I am requesting the timeline in Android http client request

48 weeks 5 days ago
WahabAtEphlux
@WahabAtEphlux Abdul Wahab

@episod, need guide

48 weeks 5 days ago
resosongy
@resosongy Reso Songy

Is this issue resolved? I tried both https://api.twitter.com/1.1/account/settings.json and https://api.twitter.com/1/account/settings.json but still returning same error message.

1 year 8 weeks ago
blanko_tweet
@blanko_tweet blank tweet

is there any workaround on this? im using /statuses/update.json

1 year 8 weeks ago
resosongy
@resosongy Reso Songy

weird, I change my system to use the twitteroauth provided by abraham, then it can be used. While my original epioauth and tmhoauth cannot be used to get the credentials. The twitteroauth mentioned can be downloaded here: https://github.com/abraham/twitteroauth

1 year 8 weeks ago
UdayNariseti
@UdayNariseti uday Nariseti

Hi ..I am using this
$json_data = json_decode(file_get_contents("https://api.twitter.com/1.1/statuses/retweets/283408447997886464.json"));
var_dump($json_data);

to extract the retweets of a particular status by it's id, But I am getting the following error..

file_get_contents(https://api.twitter.com/1.1/statuses/retweets/283408447997886464.json?include_entities=true): failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request in

I am unable to figure out why this is happening, please help me..

1 year 8 weeks ago
WahabAtEphlux
@WahabAtEphlux Abdul Wahab

have you got it fixed ??

48 weeks 5 days ago
jayaprakash1313

Hi,
I am using this url to fetch feeds from twitter home.
http://api.twitter.com/1/statuses/user_timeline.json?screen_name=username&page=1&count=20&include_rts=true.
I got only feeds what i post.But i need full home feeds what i posts and what my followers posts.
So can any one help and give the correct solution to fetch.What i am having feeds from my twitter home page

1 year 8 weeks ago
Tester96741757
@Tester96741757 Tester

Having the same problem. Is it solved yet?

1 year 6 weeks ago
tretiy3
@tretiy3 Ganzha Alexey

Hi guys. I had this error response over and over again. Here is my comment about using api 1 instead of 1.1 in this thread.
But, actually it was my mistake!
I`ve always sent wrong Auth header. Actually the mistake was in time stamp. Somehow i put comma in it, so my timestamp were looking like that: timestamp:"1347058301,456" (thats the result of (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0)).TotalSeconds.ToString() in c#)
The bad thing was that such a timestamp works in my GET requests. And does not work in POST request (update_with_media).
So i fix the timestamp, and everything is working now.
Fix your mistakes guys.
Good luck.

1 year 4 weeks ago
Tatters1979
@Tatters1979 Touch of the Tatters

I've just started getting this same error ({"errors":[{"message":"Bad Authentication data","code":215}]}),

It started on the 21st March just after the API move from 1 to 1.1? I'm using the Abraham library to sign in and the Matt Harris library to tweet an image. It was working fine just before the switch from API 1 to 1.1 and both are still working fine by themselves (hard coded token and secret for Update_with_image).... but when I log in as a user and try to tweet an image the error pops up?

Any help would be appreciated.

1 year 3 weeks ago
khalidco
@khalidco Khalid A.S.

I think the problem stems from the certificate file that needs to be in the path of the executing script. I have two web pages that use the same functions in another script and one worked while the other didn't. When I moved the include directive to the top of the script file, it worked. I am using tmhOAuth.php and tmhUtilities.php using version 1. The cacert.pem file is required for authentication and without it, you end up with ambiguous errors.

51 weeks 14 hours ago
gorkemogut
@gorkemogut Görkem Öğüt

https://api.twitter.com/1.1/search/tweets.json has same issue?

50 weeks 2 days ago
swforeman
@swforeman Steven Foreman

I am also getting the same issue with https://api.twitter.com/1.1/search/tweets.json using a bearer token from app-only auth. Can anyone show a working example of the 1.1 search using app-only auth? I have mine version coded in Java

49 weeks 6 days ago