twittertwitter-oauthtwitter-api-v2

What is the Appropriate Way to Post Tweets as App?

I am reviewing the Basic plan rate limits here:

https://developer.twitter.com/en/docs/twitter-api/rate-limits#v2-limits-basic

Here it clearly states that POST_2_tweets has a per-app limit of 1,667 calls her 24 hours:

enter image description here

However, when attempting to use an app-level bearer token, I am met with a message as described in this forum thread:

Authenticating with OAuth 2.0 Application-Only is forbidden for this endpoint.  Supported authentication types are [OAuth 1.0a User Context, OAuth 2.0 User Context].

So, how does one post tweets in an app-level way?

Solution

  • There are two separate issues here.

    Having the correct “context” is one thing. That should be the “user context” as a Twitter app will always tweet on behalf of a certain Twitter account.

    It could also be several Twitter accounts in which case several Twitter users would individually authorize your app to post on behalf of them and you'd store a "user context" token for each user.

    There are two ways for getting a "user context" token.

    There's the OAuth 1.0a way. “Making requests on behalf of users” is referenced in Twitter API documentation: https://developer.twitter.com/en/docs/authentication/oauth-1-0a

    That way you'll end up doing the "3-legged authentication": https://developer.twitter.com/en/docs/authentication/oauth-1-0a/obtaining-user-access-tokens

    Another way is OAuth 2.0 that's explained in https://developer.twitter.com/en/docs/authentication/oauth-2-0/user-access-token

    Either way as part of the process you'll redirect the user to a page on Twitter asking to authorize your app and Twitter sends a callback to your app returning a token. For this to work the callback URL needs to be whitelisted in your Developer Portal under your application's "User authentication settings" section. There "App permissions" need to be "Read and write" and under "App info" is the "Callback URI/Redirect URL" that needs to be filled in.

    The daily limits on tweeting are the other and separate issue.

    There's a limit for an individual user posting tweets via your app and that's e.g. 100 tweets / 24 hours in the "Basic" access tier.

    Then there's the limit for your "Twitter application" in your Developer Portal.

    Your app can post on behalf of multiple Twitter accounts and has a bigger daily limit which is that 1667 tweets per 24 hours in the "Basic" access tier.

    Both limits apply. Your app could e.g. serve 16 different Twitter users each posting 100 tweets per 24 hours which adds up to a safe 1600 tweets per 24 hours.

    User A might try to tweet 101 times and the last one will fail. The other users B, C etc. might still be able to tweet if their personal limit isn’t reached and your app’s own limit (of 1667) isn’t reached yet.