POST oauth/access_token

Allows a Consumer application to exchange the OAuth Request Token for an OAuth Access Token. This method fulfills Section 6.3 of the OAuth 1.0 authentication flow.

The OAuth access token may also be used for xAuth operations.

Please use HTTPS for this method, and all other OAuth token negotiation steps.

Resource URL

Resource Information

Response formats JSON
Requires authentication? Yes
Rate limited? Yes


Name Required Description Default Value Example
x_auth_password optional The password of the user for which to obtain a token for. Required when using xAuth    
x_auth_username optional The username of the user to obtain a token for. Required when using xAuth    
x_auth_mode optional Set this value to client_auth , without the quotes. Required when using xAuth    
oauth_verifier optional If using the OAuth web-flow, set this parameter to the value of the oauth_verifier returned in the callback URL. If you are using out-of-band OAuth, set this value to the pin-code. When using xAuth, this value should not be included. For OAuth 1.0a compliance this parameter is required unless you are using xAuth. Currently Twitter supports both OAuth 1.0 and OAuth 1.0a which means we do not error if this value isn’t included. OAuth 1.0a is now strictly enforced and applications not using the oauth_verifier will fail to complete the OAuth flow. If you’re not receiving an oauth_verifier in your callback, verify that you’re explicitly setting your oauth_callback on POST oauth/request_token .    

Example Response

Response to a successful request