I’ve been trying to implement ‘Sign in with Twitter’, but I’m stuck at trying to work out how to get an OAuth token secret for the user.
The Twitter API docs (here) say:
To start a sign in flow, your application must obtain a request token by sending a signed message to POST oauth/request_token
…
The body of the response will contain the oauth_token, oauth_token_secret, and oauth_callback_confirmed parameters
And the docs for creating a signature (here) say:
The value which identifies the account your application is acting on behalf of is called the oauth token secret. This value can be obtained in several ways, all of which are described at Obtaining access tokens.
And the ‘obtaining access tokens’ page links back to here, completing the circle.
How can I obtain a token secret if I need a token secret to sign the request to obtain the token secret? What the heck?
From the docs on creating a signature:
You received a consumer secret when you registered for an API key. This is what you want to sign with to obtain a request token.
I would highly recommend looking into using a library which implements at least the OAuth basics, such as signing, if not a Twitter API library, assuming one is available for your language of choice.
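The request-token signing step discussed above, as an added example that is not part of the original posts or of Twitter's documentation: in OAuth 1.0a the HMAC-SHA1 key is the consumer secret, an `&`, and the token secret, and the token secret is simply empty until a token has been issued. The function names, the endpoint host and the credential values are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

# Endpoint named in the quoted docs ("POST oauth/request_token"); the host is assumed.
REQUEST_TOKEN_URL = "https://api.twitter.com/oauth/request_token"

def pct(value):
    """RFC 3986 percent-encoding as OAuth 1.0a requires (only unreserved chars kept)."""
    return quote(str(value), safe="")

def signing_key(consumer_secret, token_secret=""):
    """consumer_secret & token_secret; the token secret is EMPTY before any token exists."""
    return f"{pct(consumer_secret)}&{pct(token_secret)}"

def signature_base_string(method, url, params):
    """METHOD & encoded URL & encoded, sorted parameter string."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    param_string = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(param_string)])

def sign(method, url, params, consumer_secret, token_secret=""):
    key = signing_key(consumer_secret, token_secret).encode()
    base = signature_base_string(method, url, params).encode()
    return base64.b64encode(hmac.new(key, base, hashlib.sha1).digest()).decode()

def request_token_header(consumer_key, consumer_secret, callback, nonce, timestamp):
    """Authorization header for the request-token step: no oauth_token, no token secret."""
    params = {
        "oauth_callback": callback,
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce,
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": timestamp,
        "oauth_version": "1.0",
    }
    params["oauth_signature"] = sign("POST", REQUEST_TOKEN_URL, params, consumer_secret)
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(params.items()))

if __name__ == "__main__":
    # Constructed placeholder credentials; use a fresh random nonce and current time in practice.
    print(request_token_header("CONSUMER_KEY_PLACEHOLDER", "CONSUMER_SECRET_PLACEHOLDER",
                               "https://example.test/callback", "constructed-nonce", 1700000000))
```

Once the response returns `oauth_token` and `oauth_token_secret`, later requests pass that secret as `token_secret` so the key becomes `consumer_secret&token_secret`.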