OAuth2 (Twitter) Callback URL error

Server Code Codeless
#1

Re: “Social Login API and OAuth2 Integration for User Login” video 12 “Backendless User Management” course

In using Twitter for OAuth2 authentication I’m getting an error:
Callback error
Twitter Callback URL error

I think “Unable to login user due to error: 403:The request is understood, but it has been refused” indicates the communication took place but Twitter doesn’t ‘like’ something.
“Callback URL not approved for this client application.” seems pretty clear; question is, why?

Through the Twitter Developer Portal I’ve

  • regenerated the API Key and Secret, then reloaded them into the Twitter Provider settings,
  • recopied the Callback URL to Twitter.
    Provider settings
    Provider settings
    Provider settings731×345 24.9 KB

Mark’s video (4:13) shows only the Callback URL; that setting now shows two URLs. Currently Twitter also requires a Website URL;.I assumed the second Callback URL is the needed Website URL (?).
Callback URL
Callback_Website URL

Am I correct about the two Callback URLs? Is there something else I should be looking at?

#2

Hello @Jim_Austin!

Could you please try changing the settings this way:

image
image1150×626 48.3 KB

That worked for me.

Regards,
Alexander

#3

Thanks Alexander, that fixed that error, so marked your post as the Solution.

Now getting this message:
{“code”:3016,“message”:"Wrong credentials for twitter. {“errors”:[{“message”:"You currently have Essential access which includes access to Twitter API v2 endpoints only. If you need access to this endpoint, you’ll need to apply for Elevated access via the Developer Portal. You can learn more here … {}}

This is clearly a ‘discussion’ I need to have with Twitter, when/if I decide to use it for OAuth2 authorization. Right now more interested in trying your solution on LinkedIn OAuth2, which is giving a similar error.

Thanks again!

#4

Hi @Jim_Austin ,

Just for the note. For login Twitter provides only OAuth 1.1 API while endpoints to access feed and other Twitter info utilize OAuth2. Due to this Twitter login provider is actually OAuth 1.1 login provider so there could be some nuances with permissions on the Twitter side.

Regards, Andriy