Which of the Twitter Keys do you use for App-Only access

Sep 26, 2014 at 1:49 PM
I generated an app on the Twitter site and gave it default read-only access (as I only want to read tweets not POST them)

Twitter generate a number of keys for me:

Under "Application settings" there are
API key
API secret
Owner
Owner Id

and under "Your access token" there are different
Access token:
Access token secret:

I have written an authorizer like this
    private static IAuthorizer DoApplicationOnlyAuth()
    {
        var auth = new ApplicationOnlyAuthorizer()
        {
            CredentialStore = new InMemoryCredentialStore
            {
                ConsumerKey    = ApiKey,
                ConsumerSecret = ApiSecret
            },
        };
        return auth;
    }
and its called like this.
    public async Task Search(string input)
    {
        var auth = DoApplicationOnlyAuth();
        await auth.AuthorizeAsync();

        /*******************************
                       TODO:
             store tokens for later use
             and do some searching
         *******************************/
    }
but I always get a 403:
{"errors":[{"code":99,"label":"authenticity_token_error","message":"Unable to verify your credentials"}]}
Which twitter says is likely to be Invalid "Bearer Tokens" or "Expired Bearer Tokens"

So my question is which of the twitter provide information should I be using in ConsumerKey and ConsumerSecret to allow app-only access.

Regards
Coordinator
Sep 26, 2014 at 4:24 PM
Hi,

ApiKey and ApiSecret are correct. I can't see anything wrong with your code, so it must be the keys or App settings. I can see you're receiving a 403 and maybe Twitter API is starting to provide more granular error messages instead of making all authentication errors a 401. You might want to review the 401 section of the LINQ to Twitter FAQ:

https://linqtotwitter.codeplex.com/wikipage?title=LINQ%20to%20Twitter%20FAQ&referringTitle=Documentation

@JoeMayo