I am implementing OAuth using Twitter API following the documentation : Application-only authentication I created POST request using Consumer key & Consumer Secret as below :
POST http://api.twitter.com/oauth2/token
Authorization: Basic T3k2TlA4SnpCVGRiNXlFTUt2dGswamJGSTpiSlpEYm1xeExyeDJKU25JbUplcWdlQTJkREcwZXg0bUNtOUdGTGJ1TGF3TkZkNkxqNg==
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=client_credentials
I got a responce having below error:
"{"errors":[{"code":99,"label":"authenticity_token_error","message":"Unable to verify your credentials"}]}"
Although, I'm getting data from my app settings
I received a token with your request.
Important! You must invalidate the security token afterwards, never ever share on public resources your credentials, provide some dummy data.
Your issue is described in documentation in chapter "Invalid requests to obtain or revoke bearer tokens"
The grant_type=client_credentials is not a header, but the body of the request:
curl --request POST \
--url https://api.twitter.com/oauth2/token \
--header 'authorization: Basic T3k2TlA4SnpCVGRiNXlFTUt2dGswamJGSTpiSlpEYm1xeExyeDJKU25JbUplcWdlQTJkREcwZXg0bUNtOUdGTGJ1TGF3TkZkNkxqNg==' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials
Additional though: maybe the issue is that you are using http://... URL, whereas the proper is to use https://... link