Skip to content


linvi edited this page Jan 29, 2017 · 21 revisions

Documentation for Credentials before


Twitter executes queries against credentials that are stored as OAuth Tokens. These tokens allow Twitter to identify the Application that wants to execute an operation on behalf of a specific User.

It is important to be aware that each query executed against the Twitter REST API or Stream API requires HttpRequests to contain the credentials information in its headers.

The credentials information can be divided into two, the Application Credentials and the User Credentials.

Application Credentials

Application credentials can be used to:

  • Authenticate other users on your app as well as accessing features
  • Access a limited set of endpoints of the REST API.

Application credentials are generated by Twitter on its apps website.

After creating your application, the interface will show you a Keys and Access Tokens which will contain the magical information we are looking for.

  • Consumer Key (API Key)
  • Consumer Secret (API Secret)

User Credentials

When a user wants to use an application, Twitter generates a second pair of credentials that will be specific to a user and an application.

The user credentials contains the 2 following keys:

  • Access Token
  • Access Token Secret

You can get more information on how to generate user credentials information in Authentication.

Credentials and multiple threads

Each thread uses its own set of credentials. When performing a HttpRequest from a thread that is not the main thread, the default credentials will be a clone of the Auth.ApplicationCredentials property.

Using Auth.SetCredentials(); in a thread will not affect the credentials of the other threads.

Streams and Credentials

Note that STREAMS work differently with credentials than the REST API calls. A stream uses the credentials of the thread it was created on as opposed to the credentials of the thread it is started.

You can learn more about credentials and streams here :

Let's code

There are 3 ways to use credentials in Tweetinvi.

The most common one is to set up the credentials globally. When set up globally, any method invoked by the developer will use these specific credentials (PS: AuthenticatedUser operations are a special case, please read below to know more).

// Applies credentials for the current thread. If used for the first time, set up the ApplicationCredentials

// Or
ITwitterCredentials creds = new TwitterCredentials("CONSUMER_KEY", "CONSUMER_SECRET", "ACCESS_TOKEN", "ACCESS_TOKEN_SECRET");

// When a new thread is created, the default credentials will be the Application Credentials
Auth.ApplicationCredentials = new TwitterCredentials("CONSUMER_KEY", "CONSUMER_SECRET", "ACCESS_TOKEN", "ACCESS_TOKEN_SECRET");

A second way to use credentials in Tweetinvi is to use the ExecuteOperationWithCredentials method.

// Generate credentials that we want to use

// Use the ExecuteOperationWithCredentials method to invoke an operation with a specific set of credentials
var tweet = Auth.ExecuteOperationWithCredentials(creds, () =>
      return Tweet.PublishTweet("Hello World");

The last solution is to use the AuthenticatedUser. Authenticated user operations are pretty restricted but they will always perform actions with their original credentials.

// Get the IAuthenticatedUser from the specified credentials
var authenticatedUser = User.GetAuthenticatedUser(creds);

// Perform an operation with creds - this is true even if the thread uses another set of credentials

Application-Only Credentials

Tweetinvi and above now support Application-Only credentials. In addition to the CONSUMER_KEY and the CONSUMER_SECRET, Application-Only webrequests needs a BEARER_TOKEN. Please find different method to set up the Application-Only credentials and the bearer token.

// If you do not already have a BearerToken, use the TRUE parameter to automatically generate it.
// Note that this will result in a WebRequest to be performed and you will therefore need to make this code safe
var appCreds = Auth.SetApplicationOnlyCredentials("CONSUMER_KEY", "CONSUMER_SECRET", true);
// If you already have a BearerToken you can create the application credentials by specifying the 3 keys
var appCreds = Auth.SetApplicationOnlyCredentials("CONSUMER_KEY", "CONSUMER_SECRET", "BEARER_TOKEN");
// If you do not already have a BearerToken you can set it up after the credentials object has been created
var appCreds = Auth.SetApplicationOnlyCredentials("CONSUMER_KEY", "CONSUMER_SECRET");

// This method execute the required webrequest to set the bearer Token

// OR you can set up the bearer token string manually
appCreds.ApplicationOnlyBearerToken = "BEARER_TOKEN";

Get Credentials from Twitter Website

For testing purposes, the apps website gives you the possibility to generate such credentials. The generated credentials will be related to the User who owns the application.

Clone this wiki locally
You can’t perform that action at this time.