OAuth::Unauthorized (401 Unauthorized) #25

railsfactory-magesh opened this Issue Apr 30, 2012 · 29 comments


None yet

I'm getting the oauth unauthorized error during callback,
I did a lot of googling but couldn't fix it :(

I tried changing the callback url but didn't work
i currently have the call back url as

arunagw commented Apr 30, 2012

can you share me any sample app?

nuwansh commented May 3, 2012

make sure you have correctly added the callback URL into your twitter application which created at https://dev.twitter.com

arunagw commented May 8, 2012

Hey @railsfactory-magesh can you give a try again and let me know. Let's solve this issue.


@arunagw i tried it again but didn't work. I also tried using both the branches master as well as x_auth_access_type in my Gemfile but that didn't work :( and i guess the callback url is also right as i've mentioned above. Is there anything else that i'm missing?


This is what i have in my config/initializers/omniauth.rb

Rails.application.config.middleware.use OmniAuth::Builder do  
  provider :facebook, '201569256527942', '295d5ea418ce2b27b7b2f4fbf6b7f6c4', {:scope => 'offline_access,user_birthday,email'} 
# {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs/"}}}
  provider :twitter, 'lTzyhQOuIFzH6riDor0A', 'X8WtrgIYHRJ56vGAdF3RelLxJDFoqzyrfUL3bb4qzec'

   Twitter.configure do |config|
   config.consumer_key = "19xB0Ohc95PHAhiJuG9E2w"
   config.consumer_secret = "PLqHIltDMH8YYJN6NarGOrNx3ivfL8XWCx2QCrZrWIY"
arunagw commented May 12, 2012

Hey @railsfactory-magesh check this omniauth/omniauth#601

Is this the same condition for you?


No, i didn't try that and its not the same

chessguy commented Jun 9, 2012

I appear to be having the same issue. This is over an ssl connection for the whole website.
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter, "consumer_key", "consumer_secret"

It's giving a 401 error when I click on the twitter registration link https://mywebsite/auth/twitter

Below is the full error message
[my consumer key] [my ip address] [2012-06-08 21:06:18 -0500]
OAuth::Unauthorized (401 Unauthorized):
oauth (0.4.6) lib/oauth/consumer.rb:216:in token_request' oauth (0.4.6) lib/oauth/consumer.rb:136:inget_request_token'
omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in request_phase' omniauth-twitter (0.0.11) lib/omniauth/strategies/twitter.rb:50:inrequest_phase'
omniauth (1.1.0) lib/omniauth/strategy.rb:207:in request_call' omniauth (1.1.0) lib/omniauth/strategy.rb:174:incall!'
omniauth (1.1.0) lib/omniauth/strategy.rb:157:in call' omniauth (1.1.0) lib/omniauth/builder.rb:48:incall'
exception_notification (2.6.1) lib/exception_notifier.rb:34:in call' mobvious (0.3.1) lib/mobvious/manager.rb:25:incall'
warden (1.1.1) lib/warden/manager.rb:35:in block in call' warden (1.1.1) lib/warden/manager.rb:34:incatch'
warden (1.1.1) lib/warden/manager.rb:34:in call' actionpack (3.2.5) lib/action_dispatch/middleware/best_standards_support.rb:17:incall'
rack (1.4.1) lib/rack/etag.rb:23:in call' rack (1.4.1) lib/rack/conditionalget.rb:25:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/head.rb:14:in call' actionpack (3.2.5) lib/action_dispatch/middleware/params_parser.rb:21:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/flash.rb:238:in call' oauth (0.4.6) lib/oauth/consumer.rb:216:intoken_request'
oauth (0.4.6) lib/oauth/consumer.rb:136:in get_request_token' omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:inrequest_phase'
omniauth-twitter (0.0.11) lib/omniauth/strategies/twitter.rb:50:in request_phase' omniauth (1.1.0) lib/omniauth/strategy.rb:207:inrequest_call'
omniauth (1.1.0) lib/omniauth/strategy.rb:174:in call!' omniauth (1.1.0) lib/omniauth/strategy.rb:157:incall'
omniauth (1.1.0) lib/omniauth/builder.rb:48:in call' exception_notification (2.6.1) lib/exception_notifier.rb:34:incall'
mobvious (0.3.1) lib/mobvious/manager.rb:25:in call' warden (1.1.1) lib/warden/manager.rb:35:inblock in call'
warden (1.1.1) lib/warden/manager.rb:34:in catch' warden (1.1.1) lib/warden/manager.rb:34:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/best_standards_support.rb:17:in call' rack (1.4.1) lib/rack/etag.rb:23:incall'
rack (1.4.1) lib/rack/conditionalget.rb:25:in call' actionpack (3.2.5) lib/action_dispatch/middleware/head.rb:14:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/params_parser.rb:21:in call' actionpack (3.2.5) lib/action_dispatch/middleware/flash.rb:238:incall'
rack (1.4.1) lib/rack/session/abstract/id.rb:205:in context' rack (1.4.1) lib/rack/session/abstract/id.rb:200:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/cookies.rb:338:in call' activerecord (3.2.5) lib/active_record/query_cache.rb:64:incall'
activerecord (3.2.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in call' actionpack (3.2.5) lib/action_dispatch/middleware/callbacks.rb:28:inblock in call'
activesupport (3.2.5) lib/active_support/callbacks.rb:405:in _run__179858333__call__491344072__callbacks' activesupport (3.2.5) lib/active_support/callbacks.rb:405:in__run_callback'
activesupport (3.2.5) lib/active_support/callbacks.rb:385:in _run_call_callbacks' activesupport (3.2.5) lib/active_support/callbacks.rb:81:inrun_callbacks'
actionpack (3.2.5) lib/action_dispatch/middleware/callbacks.rb:27:in call' rack (1.4.1) lib/rack/sendfile.rb:102:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/remote_ip.rb:31:in call' actionpack (3.2.5) lib/action_dispatch/middleware/debug_exceptions.rb:16:incall'
actionpack (3.2.5) lib/action_dispatch/middleware/show_exceptions.rb:56:in call' railties (3.2.5) lib/rails/rack/logger.rb:26:incall_app'
railties (3.2.5) lib/rails/rack/logger.rb:14:in block in call' activesupport (3.2.5) lib/active_support/tagged_logging.rb:25:intagged'
railties (3.2.5) lib/rails/rack/logger.rb:14:in call' actionpack (3.2.5) lib/action_dispatch/middleware/request_id.rb:22:incall'
rack (1.4.1) lib/rack/methodoverride.rb:21:in call' rack (1.4.1) lib/rack/runtime.rb:17:incall'
activesupport (3.2.5) lib/active_support/cache/strategy/local_cache.rb:72:in call' rack (1.4.1) lib/rack/lock.rb:15:incall'
rack-ssl (1.3.2) lib/rack/ssl.rb:27:in call' rack-cache (1.2) lib/rack/cache/context.rb:136:inforward'
rack-cache (1.2) lib/rack/cache/context.rb:245:in fetch' rack-cache (1.2) lib/rack/cache/context.rb:185:inlookup'
rack-cache (1.2) lib/rack/cache/context.rb:66:in call!' rack-cache (1.2) lib/rack/cache/context.rb:51:incall'
railties (3.2.5) lib/rails/engine.rb:479:in call' railties (3.2.5) lib/rails/application.rb:220:incall'
railties (3.2.5) lib/rails/railtie/configurable.rb:30:in method_missing' unicorn (4.3.1) lib/unicorn/http_server.rb:531:inprocess_client'
unicorn (4.3.1) lib/unicorn/http_server.rb:606:in worker_loop' unicorn (4.3.1) lib/unicorn/http_server.rb:487:inspawn_missing_workers'
unicorn (4.3.1) lib/unicorn/http_server.rb:498:in maintain_worker_count' unicorn (4.3.1) lib/unicorn/http_server.rb:272:injoin'
unicorn (4.3.1) bin/unicorn:121:in <top (required)>' /home/mystuff/apps/mywebsite/current/bin/unicorn:16:inload'
/home/mystuff/apps/mywebsite/current/bin/unicorn:16:in `



I think this happened to me some time ago. It has to do with time synchronization between your server and twitter's.


I had the same problem, I have just add a callback url to my application which is (I use devise with Omniauth).


Time seems to be OK. Callback url didn't help probably because the new version doesn't require it. I suspect it's a problem with the way i set up the twitter account but I don't know.

vvsatya commented Jul 24, 2012

In my case I used "Access Token" and secret instead of "Consumer Key" caused this error.


In my case, i used the Consumer Key and got the error.


Any updates on this? I'm running into the same 401 error.

styliii commented Jul 31, 2012

Getting the same issue as everyone else. Any updates?

arunagw commented Jul 31, 2012

still error? ohh daam.. I need to look into this.. No idea why you guys getting this. Even other people are using it properly.

aparra commented Aug 15, 2012

check your callback url in the twitter application, if it's empty 401 direct

rafael commented Sep 6, 2012

In my case, I was using a virtual machine and the clocks were out of sync. Fixed with:

sudo ntpdate ntp.ubuntu.com pool.ntp.org


Hey folks, I was having this issue and the solution was to properly configure the callback in the twitter app, as the OmniAuth FAQ explains: https://github.com/intridea/omniauth/wiki/FAQ. That solved the issue for me.


was missing callback, adding callback worked for me. Thanks for sharing.

arunagw commented Mar 26, 2013

thanks @carlosantoniodasilva 👍

@arunagw arunagw closed this Mar 26, 2013

I was stumped at this issue for several hours today as my application that was working with an earlier app was giving this error. Turns out that instead of using Consumer key and secret, I was supplying the access token and access token secret generated from the twitter developer website which the omniauth already generated after authenticating.


@arunagw I am using https://github.com/sferik/sign-in-with-twitter repo. Even after applying proper keys and secrets, I am getting 401 error. I have provided the correct callback URL too as suggested in previous comments. Any idea, where am I going wrong?


Thankx @rafael , you saved my life!!!
In my case, was the diff between the server and my virtual machine.

rafael commented Jul 24, 2014

@ecdfernandes 😀 Glad that helped you!


I have the callback and am still having the same problem.


I'm also having this error. I set my callback to and I'm still getting this error. Any other advice or updates to this? Also, how can I check to see if twitter's server time is in sync with my mac's system time? How do you view their server time?


Having this issues on my local machine:

Short Answer: Just make sure about the time zone globally and your computer.

Long answer:

My App on local dev machine machine was working just fine and accidentally stopped working getting this error, the issue is that in Egypt we change the time zone every couple of months and this month was supposed to change but didn't happen, but the global time is changed automatically as usual in this time of the year so I changed the local time for my computer as the government didn't change it and the time is not synchronized yet. So there was a 1 hour different. I set the time back to be globally and everything worded fine. :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment