Connect Your App to Twitter

To connect your Auth0 application to Twitter, you will need to generate Consumer and Secret Keys in a Twitter application, copy these into your Auth0 settings, and enable the connection.

If you're using a custom domain, you'll need to add that domain to the callback URLs list of your Twitter application. For more information on this change, see this Twitter developer forum post.

1. Create a Twitter application

  1. Log in to Twitter Developer App Management.

  2. Click Create an app.

  3. Provide the required information. For the Callback URL, enter https://YOUR_DOMAIN/login/callback. If you're using a custom domain, add that domain as another callback URL.

  4. Ensure the Enabled Sign in with Twitter option is selected.

  5. Click Create, review the developer terms, then click Create again.

2. Get your Consumer Key and Consumer Secret

  1. Your Consumer Key and Consumer Secret will be displayed in the Keys and tokens tab of your app on Twitter.

  2. Leave this window open.

3. Copy your Consumer Key and Consumer Secret into Auth0

  1. In a separate window, log in to the Auth0 Dashboard and select Connections > Social in the left navigation.

  2. Select the connection with the Twitter logo to access this connection's Settings page.

  3. Copy the Consumer Key and Consumer Secret from your app's Keys and Access Tokens tab on Twitter into the fields on this page on Auth0.

  4. Click Save.

Twitter Profile Attribute Permissions

Unlike many social identity providers, Twitter manages profile attribute permissions at the application level. By default, your application will be granted Read and Write permissions. You can customize these in the Permissions section of the Twitter Developer App Management page. For more information, see: Application Permission Model.

4. Enable the connection

  1. Go to the Applications tab of the Twitter connection on Auth0 and select each of your existing Auth0 applications for which you want to enable this connection.

  2. Click Save.

5. Test your connection

  1. Go back to the Connections > Social section of the Auth0 dashboard. If you have configured your app correctly, you will see a Try icon next to the Twitter logo.

  2. Click the Twitter logo to return to the Settings page of this connection and click Try.

  3. You will be asked to sign in to Twitter to authorize your new app to access your Twitter account.

  4. If you have configured everything correctly, you will see the It works!!! page.

6. Access Twitter API

Once a user successfully authenticates, Twitter will include an Access Token in the user profile it returns to Auth0. You can use this token to call Twitter's API.

To get the Twitter Access Token, you must retrieve the user's full profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.

Using the token, you can call Twitter's API following Twitter's documentation.
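
The extraction step described above, as an added example (not Auth0's own code): it assumes the profile's `identities` array carries `access_token` and `access_token_secret` for the `twitter` provider, which the Management API returns only when the calling token has the `read:user_idp_tokens` scope. The sample profile is constructed, and `getTwitterCredentials` and `redactProfile` are hypothetical helper names.

```javascript
// Constructed sample of a full user profile (Management API, GET /api/v2/users/{id}).
// Every value below is a placeholder, not a real identifier or token.
const sampleProfile = {
  user_id: 'twitter|0000000000',
  identities: [
    { provider: 'twitter', user_id: '0000000000', connection: 'twitter', isSocial: true,
      access_token: 'EXAMPLE-ACCESS-TOKEN', access_token_secret: 'EXAMPLE-TOKEN-SECRET' },
    { provider: 'auth0', user_id: 'abc123', connection: 'Username-Password-Authentication',
      isSocial: false }
  ]
};

// Hypothetical helper: return the Twitter tokens stored on a profile, or throw
// with a reason the operator can act on.
function getTwitterCredentials(profile) {
  const identities = Array.isArray(profile && profile.identities) ? profile.identities : [];
  const twitter = identities.find((id) => id.provider === 'twitter');
  if (!twitter) throw new Error('no twitter identity on this profile');
  if (!twitter.access_token) {
    // IdP tokens are only present when the Management API token used for the
    // request was granted the read:user_idp_tokens scope.
    throw new Error('twitter identity has no access_token; check read:user_idp_tokens');
  }
  return {
    accessToken: twitter.access_token,
    accessTokenSecret: twitter.access_token_secret || null
  };
}

// Hypothetical helper: copy of the profile that is safe to log, with IdP tokens masked.
function redactProfile(profile) {
  const secretKeys = ['access_token', 'access_token_secret', 'refresh_token'];
  const identities = (profile.identities || []).map((identity) => {
    const copy = { ...identity };
    for (const key of secretKeys) {
      if (key in copy) copy[key] = '[REDACTED]';
    }
    return copy;
  });
  return { ...profile, identities };
}

console.log(JSON.stringify(redactProfile(sampleProfile)));
console.log(Object.keys(getTwitterCredentials(sampleProfile)));
```

Log only the redacted copy; the tokens on the original profile grant access to the user's Twitter account with whatever permissions the Twitter app holds.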

Application-Specific Access Tokens

Unlike many social identity providers, Twitter allows you to use application-specific Access Tokens for many API calls without requiring user Access Tokens. You can generate these tokens in Twitter Developer App Management. Using application-specific Access Tokens will limit your app to requests that do not require user context. For more information, see Twitter Developer Documentation: Application-Only Authentication.

Troubleshooting

If you are seeing errors, refer to the following troubleshooting steps.

User's email address is missing from retrieved user profile

Twitter connections do not retrieve the user's email address by default. However, you can add a rule that requests the email using the Access Token returned from Twitter, provided you supply a privacy policy and terms and conditions.

Auth0 provides a rule template to get email addresses from Twitter. To use it, create a new rule with the Get Email Address from Twitter template under the Enrich Profile section.

If you are using Auth0 developer keys, this functionality will not work; you will need to use your Twitter Consumer Key and Consumer Secret.

You must also explicitly request permission to retrieve user email addresses for your Twitter app:

  1. Log in to Twitter Developer App Management.
  2. Choose your app.
  3. Click Edit, then Edit details and enter the appropriate links in the Terms of Service URL and Privacy Policy URL fields.
  4. Click Save.
  5. Go to the Permissions tab and click Edit.
  6. Select the Request email address from users option.
  7. Click Save.

Users are presented with the Twitter authorization screen each time they log in

You must configure your Twitter app to let users sign in with Twitter:

  1. Log in to Twitter Developer App Management.
  2. Choose your app.
  3. Click Edit, then Edit details and select the Enable Sign in with Twitter option.
  4. Click Save.

Login fails with message “Error retrieving email from Twitter”

You are using the Login by Auth0 WordPress plugin and have enabled the Requires Verified Email setting, but have not explicitly requested permission to retrieve user email addresses for your Twitter app. You will need to either configure your Twitter app to request email addresses from users or disable the Requires Verified Email setting in the Login by Auth0 WordPress plugin.

To configure your Twitter app to request email addresses from users:

  1. Log in to Twitter Developer App Management.
  2. Choose your app.
  3. Click Edit, then Edit details.
  4. Enter the appropriate links in the Terms of Service URL and Privacy Policy URL fields.
  5. Click Save.
  6. Go to the Permissions tab, click Edit and select the Request email address from users option.
  7. Click Save.

To disable the Requires Verified Email setting in the Login by Auth0 WordPress plugin:

  1. Log in to your WordPress site's admin area (example: http://www.yoursite.com/wp-admin/).
  2. Choose your site, and go to Auth0 > Settings.
  3. Go to the Advanced tab, and deselect the Requires Verified Email option.
  4. Click Save Changes.