
Issues with Accessing Twitter API Using access_token from OAuth 2.0 with PKCE flow


I obtained a user’s access_token through OAuth 2.0 with PKCE and then used this token to call the Twitter API.

1. A GET request to /2/users/me returns normal data.
2. A POST request to /2/tweets results in a 403 Forbidden error.
3. A POST request to 2/users/{authorizedUserId}/following returns an error message: detail":"When authenticating requests to the Twitter API v2 endpoints, you must use keys and tokens from a Twitter developer App that is attached to a Project. You can create a project via the developer portal.","registration_url":"developer.twitter.com/en/docs/projects/overview","title":"Client Forbidden","required_enrollment":"Appropriate Level of API Access","reason":"client-not-enrolled","type":"api.twitter.com/2/problems/client-forbidden"}"

Now, 1 and 2 are under the free plan. When 2 returns an error, if the reason is that I need to upgrade my client, why do 2 and 3 return different errors?

My client supports Read & Write, and the user authorization obtained supports the scopes tweet.read users.read follows.write. I’m wondering why I’m encountering this error. If it’s due to a subscription requirement, why can’t I access the tweets interface under the free plan? If not, why can’t I let the authorized user perform the follow operation?


Solution

  • The funny thing is that Twitter's scope actually needs to be arranged in exact order, which means if you put the permission of tweets.write later, it can't recognize it. It's hard to understand why Twitter would design their API like this. OK, problem solved: you just have to pay, otherwise they won't let you use the follow function.
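
An added diagnostic example, not part of the original question or answer: it compares the scopes granted to a token against what each of the three endpoints in the question needs, and separates a scope-related 403 from the `client-not-enrolled` access-tier 403. The `REQUIRED_SCOPES` table is an assumption based on the platform's OAuth 2.0 endpoint mapping and should be checked against the current documentation; the function names and the sample body are constructed for illustration.

```python
import json

# Assumption: per-endpoint scope requirements; verify against current docs.
REQUIRED_SCOPES = {
    ("GET", "/2/users/me"): {"tweet.read", "users.read"},
    ("POST", "/2/tweets"): {"tweet.read", "tweet.write", "users.read"},
    ("POST", "/2/users/:id/following"): {"tweet.read", "users.read", "follows.write"},
}

# Constructed sample: a well-formed body with the fields quoted in the question.
SAMPLE_BODY = json.dumps({
    "title": "Client Forbidden",
    "required_enrollment": "Appropriate Level of API Access",
    "reason": "client-not-enrolled",
    "type": "api.twitter.com/2/problems/client-forbidden",
})


def missing_scopes(granted, method, route):
    """Scopes the endpoint needs that the token's space-delimited scope string lacks."""
    return REQUIRED_SCOPES[(method, route)] - set(granted.split())


def diagnose_403(granted, method, route, body):
    """Return (category, detail) for a 403: 'access-tier', 'scope' or 'unknown'."""
    try:
        problem = json.loads(body) if body else {}
    except ValueError:
        problem = {}
    if not isinstance(problem, dict):
        problem = {}
    # An enrollment problem is about the app/project, not the user's token.
    if problem.get("reason") == "client-not-enrolled":
        return ("access-tier", problem.get("required_enrollment", ""))
    missing = missing_scopes(granted, method, route)
    if missing:
        return ("scope", " ".join(sorted(missing)))
    return ("unknown", "scopes look sufficient; inspect the problem body")


if __name__ == "__main__":
    granted = "tweet.read users.read follows.write"  # scopes listed in the question
    print(diagnose_403(granted, "POST", "/2/tweets", ""))
    print(diagnose_403(granted, "POST", "/2/users/:id/following", SAMPLE_BODY))
```

Pass the `scope` value from the token response rather than the scopes that were requested, since the two can differ.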