Error 401: Unauthorized

yagashe
@yagashe Yogesh Agashe

Hello All,

I am using sign in with twitter button for oauth/authorizing app. When the user gets redirected to callback url, I sometimes get this error.

: HTTP Error 401: Unauthorized

However, this is not happening all the time. I looked up and this discussion says that this can happen due to incorrect time settings.
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/aadee92bc5c34f29?pli=1

Time on the server is correct. Any suggestion on why this is happening is most welcome.

Thanks,
Yogesh

2 years 32 weeks ago

Replies

TwiDir
@TwiDir Twidir

i get the same. while the login and password are both valid.

2 years 26 weeks ago
kurrik
@kurrik Arne Roomann-Kurrik

For 401 errors, it would be most helpful to include a HTTP request dump of the failing request, or, if that is not possible, a listing of the code you're using to make the request, in addition to a list of any OAuth libraries you may be using.

2 years 26 weeks ago
Kundalini__Yoga
@Kundalini__Yoga Mary L. Thomas

HI this is the error I get. I just installed this yesterday

" WP to Twitter successfully contacted your selected URL shortening service. The following link should point to your blog homepage: http://antiagingkundalini.com/?p=
WP to Twitter failed to submit an update to Twitter.
401 Unauthorized: Authentication credentials were missing or incorrect."
I triple check all of the keys and they seemed fine.

Beats me

2 years 25 weeks ago
mello702
@mello702 Mello702 ►

Just ran into the 401 issue while authenticating

In our case, the 401 error was caused by leaving the 'callback url' setting field blank within the app config screens. Try setting something in that field, it isn't actually used in our case as the callback is specified on each request.

2 years 21 weeks ago
lopezpagan
@lopezpagan T o n y L ó p e z

Wow, this comment was written a long time ago, but it still works. This solve my problem. Thanks.

1 year 26 weeks ago
zararsiddiqi

Yup, this actually is still relevant. Thank you.

50 weeks 5 days ago
ErestorEtNienna
@ErestorEtNienna ErestorEtNienna

wow... had same issue and this 1 year and a half old comment helped me!!! Thanks @mello702 !

50 weeks 23 hours ago
harpreetsb
@harpreetsb harpreet bhatia

old comment but works like a charm. thank you.

46 weeks 4 days ago
Agence3pp
@Agence3pp MONCORGER Julie

perfect ! thanks a lot !

32 weeks 22 hours ago
mgarcia_dm
@mgarcia_dm mgarcia

This works for me. One app works without filling this field, and another app does not. I can't believe this kind of bugs in Twitter...

15 weeks 5 days ago
ProtoSyte
@ProtoSyte ProtoSyte

This helped us a lot. Thank you!

9 hours 38 min ago
TtsnApitest2011

also when i access my account api i got "The remote server returned an error: (401) Unauthorized." this type of error if any one have solution plz give me blog link..

Thanks

2 years 20 weeks ago
sachin_palde
@sachin_palde Sachin Palde

tough i have time corrected in my system still i get the same error...401

2 years 16 weeks ago
floodtechs
@floodtechs FloodTechs.com

I am getting the same error using vb6...

2 years 13 weeks ago
ITS_Loading
@ITS_Loading IT Solutions Loading

same error

2 years 4 weeks ago
MaoriMe1
@MaoriMe1 MaoriMe

Getting the same error over and over. This is the code im using.
Function Authorization(_Tweet As String, Tweet_url As String) As String

Dim CS_Key As String = "xxxxxxxxxxxx" ' Customer Key
Dim CS_Secret As String = "xxxxxx" ' Consumer Secret
Dim Token As String = "xxxxxxxx"
Dim TK_Secret As String = "xxxxxxxxxxxxx"
Dim oauth_version = "1.0"
Dim oauth_signature_method = "HMAC-SHA1"
Dim timeSpan = DateTime.UtcNow - New DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc)
Dim oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString()
Dim oauth_nonce = Convert.ToBase64String(New ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()))

Dim _Query As String = ""
_Query = "include_entities=true&oauth_consumer_key=" & CS_Key _
& "&oauth_nonce=" & oauth_nonce _
& "&oauth_signature_method=" & oauth_signature_method _
& "&oauth_timestamp=" & oauth_timestamp _
& "&oauth_token=" & Token _
& "&oauth_version=" & oauth_version _
& "&status=" & Uri.EscapeDataString(_Tweet)

'Response.Write("Query:" & _Query & "<br>")
'Response.Flush()

Dim _Signature As String = "POST&" & Uri.EscapeDataString(Tweet_url) & "&" & Uri.EscapeDataString(_Query)
'Response.Write("Signature:" & _Signature & "<br>")
'Response.Flush()

Dim compositeKey = String.Concat(Uri.EscapeDataString(CS_Secret), "&", Uri.EscapeDataString(TK_Secret))
'Response.Write("compositeKey:" & compositeKey & "<br>")
'Response.Flush()

Dim oauth_signature As String
Using hasher As New HMACSHA1(ASCIIEncoding.ASCII.GetBytes(compositeKey))
oauth_signature = Convert.ToBase64String(hasher.ComputeHash(ASCIIEncoding.ASCII.GetBytes(_Signature)))
End Using

'Response.Write("oauth_signature:" & oauth_signature & "<br>")
'Response.Flush()

Dim _Header As String = ""
_Header = "OAuth " _
& "oauth_consumer_key=""" & Uri.EscapeDataString(CS_Key) & """, " _
& "oauth_nonce=""" & Uri.EscapeDataString(oauth_nonce) & """, " _
& "oauth_signature=""" & Uri.EscapeDataString(oauth_signature) & """, " _
& "oauth_signature_method=""" & Uri.EscapeDataString(oauth_signature_method) & """, " _
& "oauth_timestamp=""" & Uri.EscapeDataString(oauth_timestamp) & """, " _
& "oauth_token=""" & Uri.EscapeDataString(Token) & """, " _
& "oauth_version=""" & Uri.EscapeDataString(oauth_version) & """"

'Response.Write("<hr>" & _Header & "<hr>")
'Response.Flush()

Return _Header
End Function

Sub TwitIt(_Tweet As String)

Dim _Header As String = Authorization(_Tweet, Tweet_url)
Dim postBody = "status=" + Uri.EscapeDataString(_Tweet)

ServicePointManager.Expect100Continue = False
Dim request As HttpWebRequest = DirectCast(WebRequest.Create(Tweet_url), HttpWebRequest)

request.Headers.Add("Authorization", _Header)
request.Method = "POST"
request.ContentType = "application/x-www-form-urlencoded"
request.UserAgent = "OAuth gem v0.4.4"
request.Host = "api.twitter.com"
request.Accept = "*/*"

Using stream As IO.Stream = request.GetRequestStream()
Dim content As Byte() = ASCIIEncoding.ASCII.GetBytes(postBody)
stream.Write(content, 0, content.Length)
End Using
Dim response As WebResponse = request.GetResponse()
End Sub

Sub Tweet(sender As Object, e As System.EventArgs)
TwitIt("Ladies + Gentlemen blah blah")
End Sub

2 years 3 weeks ago
revathskumar
@revathskumar Revath S Kumar(RSK)

Does anyone still facing this issue?
I do even though I corrected the server time.

1 year 43 weeks ago
uber_nub
@uber_nub violet

I'm facing the same issue atm.
My server time is correct.
My local time is correct.
Everything was working like a charm and suddenly stopped.
Any ideas on it?

[status] => 401 Unauthorized it's driving me crazy >.<

1 year 43 weeks ago
dark_sun_
@dark_sun_ Ali Qanavatian

same error, i'm trying to use it with HybridAuth library.
no body is responsible for this error???
where are api developers?

1 year 38 weeks ago
LeTigerTom
@LeTigerTom TigerTom

When creating your application, do not click the "create your access token" until you first click on Settings and change the Application Type to "Read, Write and Access direct messages".
After your Twitter application has been updated to "Read, Write and Access direct messages", click on the Home tab, and "create your access token".
This should do the trick =)

1 year 36 weeks ago
Motoroute
@Motoroute Motoroutes.net

thanks, that helped a lot!

1 year 33 weeks ago
deeppune27
@deeppune27 Swarnendu Dutta

thanks that helped

1 week 6 days ago
serinformaticos
@serinformaticos SerInformaticos

THANKS!!! 4 hours checking the code, the php library, the server time sync, everything!!, one click, new tockens and twitting!!

1 year 24 weeks ago
manaskumarm
@manaskumarm Manas Mohapatra

Thanks, it helps me..

1 year 18 weeks ago
yirgabdm
@yirgabdm Yirga Badma

Not Yet

51 weeks 5 days ago
deeppune27
@deeppune27 Swarnendu Dutta

God Bless You.... i had to spend days sorting it out..

1 week 6 days ago
thrikalsamy
@thrikalsamy thrikal

i am trying to login through twitter account, my application throw this error.please help me...
OAuth::Unauthorized
401 Unauthorized

1 year 34 weeks ago
nauttor
@nauttor Nautor

Hello.

I have the same issue, in my case I use Oauth to connect to the rest api without problems, for example I have been able to request the URL"https://api.twitter.com/1/account/rate_limit_status.json" in authenticated mode. When I use it for the twitter sign-in, I receive a "401 Unauthorized".
This is the url and the Authorization header in the POST request that I used:

URL: https://api.twitter.com/oauth/request_token
Authorization Header: OAuth oauth_consumer_key="", oauth_nonce="396s34v6s8fvqa8hjlfh6qjqcfcciuqd5h0rbqffnp", oauth_callback="http%3A%2F%2FNautorTest.naut", oauth_signature="Y3%2FqtjGLdYG3iR7EnzkLMX7qeBU%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1345760500", oauth_version="1.0"

I verified that the timestamp is correct, and in my Twitter account I have read-write access for my application and the url callback is the same that here is displayed, of course without the encoding.

1 year 33 weeks ago
episod
@episod Taylor Singletary

POST requests are more difficult than GET requests to perform correctly. Did you just omit the consumer key in your example there or are you sending it along with the request? You can also use a GET to oauth/request_token, but you'll want to master POSTs anyway.

In most cases when a GET succeeds but a POST fails, it has something to do with your signature base string and how it is generated -- whether it's the encoding of parameters correctly or the ordering of parameters or otherwise; usually the problem is there.

1 year 33 weeks ago
nauttor
@nauttor Nautor

Thanks Taylor for your response, the consumer_key in my post is empty but in my java code is well defined, ¿were I found the docs where is well defined how to generate the signature? In previous post I say that rest api calls is working fine, I understand that the way of make the signature is not the problem because rest api calls is ok.

One more question, is the request_token call signed in the same way as the rest api calls is?

Thanks again!

Best regards!

1 year 33 weeks ago
nauttor
@nauttor Nautor

Hello again, I am unable to generate oauth_signature correctly.

My explanation: I do a main class with only POST oath/request_token functionality for reproduce de same oath_signature in this example https://dev.twitter.com/docs/auth/implementing-sign-twitter.

Following the steps in https://dev.twitter.com/docs/auth/creating-signature I do this methods in java to generate oath_signature parameter:

--------------START JAVA CODE----------------

  1. package test;
  2.  
  3. import java.io.BufferedReader;
  4. import java.io.IOException;
  5. import java.io.InputStreamReader;
  6. import java.io.UnsupportedEncodingException;
  7. import java.net.URL;
  8. import java.net.URLEncoder;
  9. import java.security.SignatureException;
  10. import java.util.Iterator;
  11. import java.util.SortedMap;
  12. import java.util.TreeMap;
  13. import javax.crypto.Mac;
  14. import javax.crypto.spec.SecretKeySpec;
  15.  
  16. import org.apache.commons.codec.binary.Base64;
  17. import org.apache.http.Header;
  18. import org.apache.http.HeaderElement;
  19. import org.apache.http.HttpEntity;
  20. import org.apache.http.HttpHost;
  21. import org.apache.http.HttpResponse;
  22. import org.apache.http.client.methods.HttpPost;
  23. import org.apache.http.impl.client.DefaultHttpClient;
  24.  
  25. public class TestLauncher {
  26.  
  27.    public static void main(String[] args) {
  28.        String response=TestLauncher.executeURL("https://api.twitter.com/oauth/request_token", "http://localhost/sign-in-with-twitter/");
  29.       System.out.println("response="+response);
  30.     }
  31.  
  32.  public static String executeURL(String url,String oauth_callback){
  33.      if(url==null||url.isEmpty()||oauth_callback==null||oauth_callback.isEmpty()) return null;
  34.       String page="";
  35.       try{    
  36.            HttpHost targetHost = new HttpHost("api.twitter.com", 443, "https");
  37.  
  38.               DefaultHttpClient httpclient = new DefaultHttpClient();
  39.                 try {
  40.                   // Create request
  41.                   // You can also use the full URI http://www.google.com/
  42.                     HttpPost httppost = TestLauncher.OAuthConnection(url,oauth_callback);
  43.                   // Execute request
  44.                  HttpResponse response = httpclient.execute(targetHost, httppost);
  45.  
  46.                  HttpEntity entity = response.getEntity();
  47.                   Header header=entity.getContentType();
  48.                  HeaderElement[] he=header.getElements();
  49.                    for(int i=0;i<he.length;i++) page+=" ["+he[i].getName()+"<"+he[i].getParameterCount()+">"+he[i].getValue()+"]";
  50.                    String line="";BufferedReader in=null;
  51.                    try{in=new BufferedReader(new InputStreamReader(entity.getContent()));}catch(Exception ex){
  52.                         try{Thread.sleep(10000);in=new BufferedReader(new InputStreamReader(entity.getContent()));}catch(Exception ex2){}
  53.                   }
  54.                   while(in!=null&&((line=in.readLine())!=null)){
  55.                     page+=line + "\n";
  56.                    }
  57.               } finally {
  58.                     httpclient.getConnectionManager().shutdown();
  59.               }
  60.       }catch(Exception e){e.printStackTrace();}
  61.       return page;
  62.    }
  63.  
  64.    private static HttpPost OAuthConnection(String url,String url_callback) throws IOException{
  65.          HttpPost httppost = new HttpPost(url);
  66.             String oauth_consumer_key="cChZNFj6T5R0TigYB9yd1w";
  67.           String oauth_nonce="ea9ec8429b68d6b77cd5600adbbb0456";
  68.            String oauth_callback=url_callback;
  69.             String oauth_signature_method="HMAC-SHA1";
  70.            String oauth_timestamp="1318467427";
  71.          String oauth_version="1.0";
  72.  
  73.            SortedMap<String,String> map=new TreeMap<String,String>();
  74.          map.put("oauth_consumer_key",URLEncoder.encode(oauth_consumer_key,"UTF-8"));
  75.            map.put("oauth_callback",URLEncoder.encode(oauth_callback,"UTF-8"));
  76.            map.put("oauth_nonce",URLEncoder.encode(oauth_nonce,"UTF-8"));
  77.          map.put("oauth_signature_method",URLEncoder.encode(oauth_signature_method,"UTF-8"));
  78.            map.put("oauth_timestamp",URLEncoder.encode(oauth_timestamp,"UTF-8"));
  79.          map.put("oauth_version",URLEncoder.encode(oauth_version,"UTF-8"));
  80.          URL url_object = new URL(url);
  81.          if(url_object.getQuery()!=null&&!url_object.getQuery().isEmpty()){
  82.              String[] params=url_object.getQuery().split("&");
  83.                 for(int i=0;i<params.length;i++) map.put(URLEncoder.encode(params[i].split("=")[0],"UTF-8"),URLEncoder.encode(params[i].split("=")[1],"UTF-8"));
  84.             }
  85.           String url_base=URLEncoder.encode(url_object.getProtocol()+"://"+url_object.getHost()+url_object.getPath(),"UTF-8");
  86.            String oauth_signature=TestLauncher.generateSignature(map,"POST",url_base);
  87.  
  88.          String auth_values="OAuth oauth_callback=\""+URLEncoder.encode(oauth_callback,"UTF-8")+"\", ";
  89.          auth_values+="oauth_consumer_key=\""+URLEncoder.encode(oauth_consumer_key,"UTF-8")+"\", ";
  90.          auth_values+="oauth_nonce=\""+URLEncoder.encode(oauth_nonce,"UTF-8")+"\", ";
  91.            auth_values+="oauth_signature=\""+URLEncoder.encode(oauth_signature,"UTF-8")+"\", ";
  92.            auth_values+="oauth_signature_method=\""+URLEncoder.encode(oauth_signature_method,"UTF-8")+"\", ";
  93.          auth_values+="oauth_timestamp=\""+URLEncoder.encode(oauth_timestamp,"UTF-8")+"\", ";
  94.            auth_values+="oauth_version=\""+URLEncoder.encode(oauth_version,"UTF-8")+"\"";
  95.          httppost.setHeader("Authorization",auth_values);
  96.          System.out.println("auth_values="+auth_values);
  97.       return httppost;
  98.    }
  99.  
  100.    private static String generateSignature(SortedMap<String,String> map,String httpMethod,String url_base) throws UnsupportedEncodingException{
  101.      String params="";
  102.         Iterator<String> keys=map.keySet().iterator();
  103.        Iterator<String> values=map.values().iterator();
  104.      while(keys.hasNext()){
  105.          params+=keys.next()+"="+values.next();
  106.            if(keys.hasNext()) params+="&";
  107.       }
  108.       String data=httpMethod+"&"+url_base+"&"+URLEncoder.encode(params, "UTF-8");
  109.       System.out.println("generateSignature() data="+data);
  110.         String consumer_secret="XXXXX";
  111.       String key=URLEncoder.encode(consumer_secret, "UTF-8");
  112.       String output=null;
  113.         try {
  114.           output=TestLauncher.calculateHMAC_SHA1(data, key);
  115.      } catch (SignatureException e) {
  116.            System.out.println("ERROR HMAC-SHA1: KEY["+key+"] - DATA["+data+"]");
  117.             e.printStackTrace();
  118.        }
  119.       return output;
  120.  }
  121.  
  122.    private static String calculateHMAC_SHA1(String data, String key) throws java.security.SignatureException{
  123.      String result=null;
  124.         try{
  125.            SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), "HmacSHA1");
  126.             Mac mac = Mac.getInstance("HmacSHA1");
  127.            mac.init(signingKey);
  128.           byte[] rawHmac = mac.doFinal(data.getBytes());
  129.          result = new String(Base64.encodeBase64(rawHmac)).trim();
  130.       }catch(Exception e){
  131.            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
  132.      }
  133.       return result;
  134.  }
  135. }

----------------END JAVA CODE-----------------

Executing this code I see that the generated oath_signature parameter is oauth_signature="JhNSoG1nhY6%2F0IIpP22lRaOng40%3D" and in twitter's example is oauth_signature="F1Li3tvehgcraF8DMJ7OyxO4w9Y%3D". This is my problem, I am wrong or I have an error generating the oauth_signature parameter.

Please can anybody help me?

Thanks and Best Regards!!

1 year 33 weeks ago
nauttor
@nauttor Nautor

Come on guys!! a bit of help :)

1 year 31 weeks ago
t_alfr
@t_alfr Toon Alfrink

Same problem... It worked for 2 days and it stopped.

Server time: Correct
Module used: Tweepy
Resource: POST statuses/filter

1 year 28 weeks ago
FilterTweeter
@FilterTweeter filter tweeter

any thing new ? I am trying to make the filter msgs to work to

1 year 23 weeks ago
proxycg
@proxycg Proxy Consulting

Hi All,

I am using Kentico CMS and ran into the same issue. I basically deleted the application and then re-created it followed by setting permissions first as recommended above by @LeTigerTom.

For Kentico CMS folks you get error message that are not descriptive, so I summarized in a post for Kentico users:

http://www.proxycg.com/trackback/d63528e1-b18c-43c9-b093-d5aaa543a139/Twitter-returns-(401)-Unauthorized-when-trying-to-post-using-Kentico-CMSDesk.aspx

1 year 14 weeks ago
place2bookmark
@place2bookmark place2bookmark.com

I am getting the same error with hybrid auth.....!!!! any help....

1 year 6 weeks ago
v1nayak
@v1nayak Vinayak

Hi,
I have integrated twitter login and tweet feature using OAuth in my Android App. So far there was no problem all is going well but since 4 hours I am getting Authorization failed Status 401 Error. Please support.

Thanks.

1 year 1 week ago
episod
@episod Taylor Singletary

Review that you're doing OAuth 1.0A to spec:

  • You must pass an oauth_callback value to oauth/request_token. It's not optional. Even if you have one already set on dev.twitter.com. If you're doing out of band OAuth, pass oauth_callback=oob.
  • You must pass along the oauth_verifier you either received from your executed callback or that you received hand-typed by your end user to oauth/access_token.
1 year 1 week ago
dbounds
@dbounds Darren Bounds

Hi. For some reason today we band receiving 401s for all Twitter 1.0 web OAuth flows for both our product and temporary. The systems impacted have been unchanged for some time.

I've included a sample of the HTTP flow that's resulting in the 401.

GET /oauth/request_token?oauth_consumer_key=OCK&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1365098454&oauth_nonce=7170606765253016&oauth_version=1.0&oauth_signature=ZBEE0hDtllqHlWxpho7jBdJn0mY%3D HTTP/1.1
User-Agent: Jakarta Commons-HttpClient/3.1
Host: api.twitter.com
Cookie: $Version=0; k=10.40.17.124.1365097763166946; $Path=/; $Domain=.twitter.com
Cookie: $Version=0; _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJZwKtY9ASIKZmxhc2hJQzonQWN0aW9uQ29u%250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJTkz%250AN2Y3ZDNmNjZjYmRjZjI2YmUyNWFjOGYwYjRiMjc3--83976c473a885783ee2fa5ac7982ef5322c8c2bb; $Path=/; $Domain=.twitter.com
Cookie: $Version=0; guest_id=v1%3A136509776305849994; $Path=/; $Domain=.twitter.com

HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 147
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2013 18:00:54 GMT
etag: "1903d30c449aa942cc264a46ad099298"
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 04 Apr 2013 18:00:54 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCJZwKtY9AToHaWQiJTkz%250AN2Y3ZDNmNjZjYmRjZjI2YmUyNWFjOGYwYjRiMjc3--09326408a927d60b057b01f3fed7d0e730c8d6a9; domain=.twitter.com; path=/; HttpOnly
status: 200 OK
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-mid: 426312eb36c2d7548cd32c949cd229754aded249
x-runtime: 0.02272
x-transaction: ede17dcb8ba42630
x-xss-protection: 1; mode=block

GET /oauth/access_token?oauth_token=3PeniFWMRpkeYiTL4538iDPZe0miSP9kNpgS1LToGI&oauth_consumer_key=OCK&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1365098455&oauth_nonce=7170607798106033&oauth_version=1.0&oauth_signature=hcVN1JmXRL%2BMMarFXFJmQAZoAy0%3D HTTP/1.1
User-Agent: Jakarta Commons-HttpClient/3.1
Host: api.twitter.com
Cookie: $Version=0; k=10.40.17.124.1365097763166946; $Path=/; $Domain=.twitter.com
Cookie: $Version=0; guest_id=v1%3A136509776305849994; $Path=/; $Domain=.twitter.com
Cookie: $Version=0; _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCJZwKtY9AToHaWQiJTkz%250AN2Y3ZDNmNjZjYmRjZjI2YmUyNWFjOGYwYjRiMjc3--09326408a927d60b057b01f3fed7d0e730c8d6a9; $Path=/; $Domain=.twitter.com

HTTP/1.1 401 Unauthorized
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 434
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2013 18:00:55 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 04 Apr 2013 18:00:55 GMT
pragma: no-cache
server: tfe
set-cookie: k=10.41.3.127.1365098455245574; path=/; expires=Thu, 11-Apr-13 18:00:55 GMT; domain=.twitter.com
set-cookie: guest_id=v1%3A136509845510848576; Domain=.twitter.com; Path=/; Expires=Sat, 04-Apr-2015 18:00:55 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
www-authenticate: OAuth realm="https://api.twitter.com"
x-frame-options: SAMEORIGIN
x-mid: 49c7394d408ff0fda3b321023eaacbb51be09189
x-transaction: 7097129b9c90566e
x-xss-protection: 1; mode=block

1 year 1 week ago
sameeh_harfoush
@sameeh_harfoush Sameeh Harfoush

i am facing the 401 error. i am using jsOAuth-1.3.6.js library.
1- I call fetchRequestToken (ok)
2- i open the user authorization / login window (ok)
3 - enter username and password and get the callback url (ok)
4 - call fetchAccessToken (get 401 error)

below is my header:

oauth_callback = http://192.168.1.74:8888/callback/twitterOauthCallback.html
oauth_consumer_key = E3xxxxxxxxxxxxxxHfg
oauth_token = J1fxxxxxxxxxxxxxxxxxxxxxxxxxxxx20
oauth_signature_method = HMAC-SHA1
oauth_timestamp = 1365151792
oauth_nonce = 36222C667E353A51
oauth_verifier =
oauth_version = 1.0

any idea what might be the problem ?? i am blocked

1 year 1 week ago
episod
@episod Taylor Singletary

See oauth/access_token Stopped working today and make sure you're sending the oauth_verifier on the oauth/access_token step.

1 year 1 week ago
saboonike
@saboonike sabareesh

Hi
I am facing The Issue in getting the Access token For Twitter
1. In Windows I am able to generate the access token successfully using sign-in-twitter method.

  1. When i tried to deploy in the Linux(tomcat server) i am getting the 401 Unauthorized error....
    For https://api.twitter.com/oauth/request_token
    Response i am getting .....

    http response : HTTP/1.1 401 Unauthorized
    [cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0,
    content-length: 44, content-type: text/html; charset=utf-8,
    date: Tue, 21 May 2013 14:59:41 GMT, expires: Tue, 31 Mar 1981 05:00:00 GMT,
    last-modified: Tue, 21 May 2013 14:59:41 GMT,
    pragma: no-cache, server: tfe,
    set-cookie: _twitter_sess=BAh7CDoHaWQiJWRkZmFlOTQwOGE0NzMxY2E2MGRmMWJhYjdmMTE0ZGU0Og9j%250AcmVhdGVkX2F0bCsIBVuaxz4BIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--b443e454dd6978065d01c66dab1d4bab7b12b1a3;
    domain=.twitter.com; path=/; HttpOnly,
    set-cookie: guest_id=v1%3A136914838194546230;
    Domain=.twitter.com; Path=/; Expires=Thu, 21-May-2015 14:59:41 UTC,
    status: 401 Unauthorized, strict-transport-security: max-age=631138519,
    vary: Accept-Encoding, x-frame-options: SAMEORIGIN, x-mid: 2fe33275026baf8bfe76aad15be713ee0e043706,
    x-runtime: 0.01648, x-transaction: 6febc9ccdcce8bca, x-xss-protection: 1;
    mode=block]

Is anything to be changed in Linux Server..... because when with windows it is working fine i am able to get the access token.

47 weeks 21 hours ago
episod
@episod Taylor Singletary

There are number of environmental things that effect making connections to the API -- the system clock and the SSL implementation on the server being two of the most common things. Take a look at Troubleshooting OAuth 1.0A for some debugging tips.

46 weeks 6 days ago
omalave
@omalave Omar Malavé

Did you check the time?

42 weeks 22 hours ago
swanshi_saxena

I am getting The remote server returned an error: (401) Unauthorized

in this function pls reply me as soon as

public string WebResponseGet(HttpWebRequest webRequest)
{
StreamReader responseReader = null;
string responseData = "";

try
{
responseReader = new StreamReader(webRequest.GetResponse().GetResponseStream());
responseData = responseReader.ReadToEnd();
}
catch
{
throw;
}
finally
{
webRequest.GetResponse().GetResponseStream().Close();
responseReader.Close();
responseReader = null;
}

return responseData;
}

25 weeks 1 hour ago
swanshi_saxena

StreamReader(webRequest.GetResponse().GetResponseStream()); giving me 401 error

Pls help me

25 weeks 53 min ago
gascasf
@gascasf David Gasca

For me this problem was resolved when I unchecked the box that says
"Allow this application to be used to Sign in with Twitter".

Using Omniauth-twitter gem, Rails 3.2.1.4.

18 weeks 4 days ago
ThoughtsByBen

This worked for me too! Thanks for this hint, I can finally stop banging my head!

Oh, and I am also using Omniauth-twitter gem

11 weeks 20 hours ago
SivaBalan2610

can someone provide the complete solution for this issue?

As part of the process(https://dev.twitter.com/docs/auth/implementing-sign-twitter ) provided by twitter to obtain final auth_token , i'm able to get the response for step 1 & 2.

But when i try to get the final auth_token by making the request using the below URL, i'm still geting 401 error.

  1. string loginURL ="https://api.twitter.com/oauth/access_token?oauth_consumer_key="+TwitterAPI.Consumerkey +"&oauth_nonce="+nonce+"&oauth_signature="+sign+"&oauth_signature_method=HMAC-SHA1&oauth_timestamp="+timeStamp+ "&oauth_token="+TwitterAPI.AuthToken+"&oauth_verifier="+TwitterAPI.AuthTokenVerifier+"&oauth_version=1.0";

what's is wrong in this URL?

it'll be of great help, if some one provide the solution for this issue.

6 weeks 7 hours ago
Auguronomics
@Auguronomics Damien Maresma

Hi, Just to take care about the time sync on your computer, plus minus 5 min you'll be too late:
401 Autorization Failed on Twitter oAuth #

$oauth_timestamp = [System.Convert]::ToInt64($ts.TotalSeconds + 305).ToString();

5 weeks 1 day ago