twitteroauth-2.0spring-socialspring-social-twitter

Callback URL not approved by Twitter


My application built upon spring-social-twitter that enables users to sign in with Twitter has stopped working recently.

I've got an error message as below:

Callback URL not approved for this client application. Approved callback URLs can be adjusted in your application settings

Note: I'm using Spring Social Twitter version 1.1.2.RELEASE. And if you use Spring Social Twitter version 1.1.0.RELEASE, you might get a slightly different error message as below:

POST request for "https://api.twitter.com/oauth/request_token" resulted in 403 (Forbidden); invoking error handler


Solution

  • Twitter recently (in May 2018) enforced that sign-in-with-Twitter users must whitelist callback URLs for security reasons (see the announcement).

    This means callback URLs have to be explicitly and identically set up for all supported third-party applications. You can setup the callback URLs in your Twitter's application setup page: https://apps.twitter.com

    For example, if your callback URL is http://localhost:8080/myApp/signin/twitter, you must add it to the list of Callback URLs in your Twitter's application setup page exactly as it is: http://localhost:8080/myApp/signin/twitter

    enter image description here

    See also the documentation on Twitter callback URLs.