cURL_walkthrough.md

cURL walkthrough

Step 1: Construct an Authorize URL

Your app will need to build an authorize URL to Twitter, indicating the scopes your app needs to authorize. The URL will also contain the response type, client id, redirect URI, code challenge, code challenge method and state parameters.

Example scopes to request from user:

tweet.read%20users.read%20account.follows.read%20account.follows.write

Step 2: GET oauth2/authorize

Have the user authenticate, and send the application an authorization code. Example URL to redirect user to:

https://twitter.com/i/oauth2/authorize?response_type=code&client_id=rG9n6402A3dbUJKzXTNX4oWHJ&redirect_uri=https://www.example.com&scope=tweet.read%20users.read%20account.follows.read%20account.follows.write&state=state&code_challenge=challenge&code_challenge_method=plain

Offline access

For offline access, you will have to pass in the required scope:

https://twitter.com/i/oauth2/authorize?response_type=code&client_id=rG9n6402A3dbUJKzXTNX4oWHJ&redirect_uri=https://www.example.com&scope=tweet.read%20users.read%20account.follows.read%20offline.access&state=state&code_challenge=challenge&code_challenge_method=plain

Upon successful authentication, your redirect_uri would receive a request containing the auth_code parameter. Your application should verify the state parameter. Example request from client’s redirect:

https://www.example.com?state=state&code=VGNibzFWSWREZm01bjN1N3dicWlNUG1oa2xRRVNNdmVHelJGY2hPWGxNd2dxOjE2MjIxNjA4MjU4MjU6MToxOmFjOjE

Step 3: POST oauth2/token - Access Token

Convert the authorization code into a usable access token and refresh token.

Example Token Request:

curl --location --request POST 'https://api.twitter.com/2/oauth2/token' \--header 'Content-Type: application/x-www-form-urlencoded' \--data-urlencode 'code=VGNibzFWSWREZm01bjN1N3dicWlNUG1oa2xRRVNNdmVHelJGY2hPWGxNd2dxOjE2MjIxNjA4MjU4MjU6MToxOmFjOjE' \--data-urlencode 'grant_type=authorization_code' \--data-urlencode 'client_id=rG9n6402A3dbUJKzXTNX4oWHJ \--data-urlencode 'redirect_uri=https://www.example.com' \--data-urlencode 'code_verifier=challenge'

Example Token Response:

{  "token_type": "bearer",  "expires_in": 7200,  "access_token": "Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE",  "scope": "tweet.moderate.write account.follows.write users.read account.follows.read tweet.read",  "refresh_token": "bWRWa3gzdnk3WHRGU1o0bmRRcTJ5VUxWX1lZTDdJSUtmaWcxbTVxdEFXcW5tOjE2MjIxNDc3NDM5MTQ6MToxOnJ0OjE" }

Step 4: Connect to v2 Twitter API endpoints

Use the access token to hit Twitter APIs.

GET Multiple Tweets

curl --location --request GET 'https://api.twitter.com/2/tweets?ids=1261326399320715264,1278347468690915330' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

GET Single Tweet

curl --location --request GET 'https://api.twitter.com/2/tweets/1261326399320715264' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

GET Multiple Users by IDs

curl --location --request GET 'https://api.twitter.com/2/users?ids=2244994945,6253282' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

GET Single User by ID

curl --location --request GET 'https://api.twitter.com/2/users/2244994945' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

GET Users by Usernames

curl --location --request GET 'https://api.twitter.com/2/users/by?usernames=TwitterDev,Twitter' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

Follow a User

curl --header 'Content-Type: application/json' \ --header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE' \ --request POST \ --data '{"target_user_id": "2244994945"}' \ https://api.twitter.com/2/users/2750565428/following

GET Followers of user ID API

curl --location --request GET 'https://api.twitter.com/2/users/1176196242566574085/following' \ --header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

Unfollow a user ID API

curl --location --request DELETE 'https://api.twitter.com/2/users/1176196242566574085/following/2244994945' \--data-raw '' \--header 'Authorization: Bearer Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE'

Step 5: POST oauth2/token - Refresh Token

Convert the refresh token into a new pair of access token and refresh token.Example Token Request:curl --location --request.

POST 'https://api.twitter.com/2/oauth2/token' \--header 'Content-Type: application/x-www-form-urlencoded' \--data-urlencode 'refresh_token=bWRWa3gzdnk3WHRGU1o0bmRRcTJ5VUxWX1lZTDdJSUtmaWcxbTVxdEFXcW5tOjE2MjIxNDc3NDM5MTQ6MToxOnJ0OjE \--data-urlencode 'grant_type=refresh_token' \--data-urlencode 'client_id=rG9n6402A3dbUJKzXTNX4oWHJ'

Step 6: POST oauth2/revoke - Revoke Token

Revoke Access Token and Refresh Token.

Example Revoke Token Request:

curl --location --request POST 'https://api.twitter.com/2/oauth2/revoke' \--header 'Content-Type: application/x-www-form-urlencoded' \--data-urlencode 'token=Q0Mzb0VhZ0V5dmNXSTEyNER2MFNfVW50RzdXdTN6STFxQlVkTGhTc1lCdlBiOjE2MjIxNDc3NDM5MTQ6MToxOmF0OjE' \--data-urlencode 'client_id=rG9n6402A3dbUJKzXTNX4oWHJ \--data-urlencode 'token_type_hint=access_token'

Nice!