eyJleHRlcm5hbF9saW5rIjoiaHR0cHM6Ly9kZXZlbG9wZXIudHdpdHRlci5jb20vZW4vZG9jcy9hdXRoZW50aWNhdGlvbi9ndWlkZXMvbG9nLWluLXdpdGgtdHdpdHRlciIsImV4dGVybmFsX2xpbmtfdGV4dCI6IkxvZ2luIHdpdGggVHdpdHRlciIsInN1cHBvcnRfbGV2ZWwiOiJzdXBwb3J0ZWQiLCJtZXRhX3RpdGxlIjoiVHdpdHRlciBJbnRlZ3JhdGlvbiB3aXRoIEF1dGgwIiwibWV0YV9kZXNjcmlwdGlvbiI6IlR3aXR0ZXIgLSBUd2l0dGVyIGFsbG93cyB1c2VycyB0byBlbmpveSB0aGUgYmVuZWZpdHMgb2YgbG9naW4gd2l0aCBhcyBsaXR0bGUgYXMgb25lIGNsaWNrIiwidmFsdWVfcHJvcHMiOlt7InRpdGxlIjoiRWFzZSBvZiB1c2UiLCJkZXNjcmlwdGlvbiI6IkEgbmV3IHZpc2l0b3IgdG8geW91ciBzaXRlIG9ubHkgaGFzIHRvIGNsaWNrIHR3byBidXR0b25zIGluIG9yZGVyIHRvIGxvZyBpbiBmb3IgdGhlIGZpcnN0IHRpbWUuIn0seyJ0aXRsZSI6IlR3aXR0ZXIgaW50ZWdyYXRpb24iLCJkZXNjcmlwdGlvbiI6IlRoZSBMb2cgaW4gd2l0aCBUd2l0dGVyIGZsb3cgY2FuIGdyYW50IGF1dGhvcml6YXRpb24gdG8gdXNlIFR3aXR0ZXIgQVBJcyBvbiB5b3VyIHVzZXJzJyBiZWhhbGYuIn0seyJ0aXRsZSI6Ik9BdXRoIGJhc2VkIiwiZGVzY3JpcHRpb24iOiJBIHdlYWx0aCBvZiBjbGllbnQgbGlicmFyaWVzIGFuZCBleGFtcGxlIGNvZGUgYXJlIGNvbXBhdGlibGUgd2l0aCB0aGUgTG9nIGluIHdpdGggVHdpdHRlciBBUEkuIn1dfQ==

Use Log in with Twitter on your Auth0 workflow, also known as Sign in with Twitter, to place a button on your site or application which allows Twitter users to enjoy the benefits of a registered user account in as little as one click. This works on websites, iOS, mobile, and desktop applications.

<p>The Twitter social connection allows users to log in to your application using their Twitter profile.</p>
<p>By default, Auth0 automatically syncs user profile data with each user login, thereby ensuring that changes made in the connection source are automatically updated in Auth0. Optionally, you can <a href="https://auth0.com/docs/users/configure-connection-sync-with-auth0">disable user profile data synchronization</a> to allow for updating profile attributes from your application.</p>


<h2 id="prerequisites">Prerequisites</h2>
<p>Before you begin, <a href="https://developer.twitter.com/en/apply-for-access/">apply for a Twitter Developer account</a>.</p>


<h2 id="set-up-app-in-twitter">Set up app in Twitter</h2>
<p>Create a project and add a new app in the <a href="https://developer.twitter.com/en/portal/">Twitter Developer portal</a>. During this process, Twitter will generate an <strong>API Key</strong> and <strong>API Secret Key</strong> for your application; make note of these.</p>
<p>While setting up your app, toggle <strong>OAuth 2.0</strong> and use the following values:</p>
<table class="table">
  <thead>
    <tr>
      <th>Field</th>
      <th>Value to Provide</th>
  </tr>
  </thead>
  <tbody>
    <tr>
      <td>Type of App</td>
      <td>Web App</td>
    </tr>
    <tr>
      <td>Callback URI / Redirect URL</td>
      <td><code>https://YOUR_DOMAIN/login/callback</code></td>
    </tr>
    <tr>
      <td>Website URL</td>
      <td><code>https://YOUR_DOMAIN</code></td>
    </tr>
  </tbody>
</table>

<h3 id="find-your-auth0-domain-name">Find your Auth0 domain name</h3>
<p>If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, your regional subdomain (unless your tenant is in the US region and was created before June 2020), plus<code>.auth0.com</code>. For example, if your tenant name were <code>exampleco-enterprises</code>, your Auth0 domain name would be <code>exampleco-enterprises.us.auth0.com</code> and your callback URL would be <code>https://exampleco-enterprises.us.auth0.com/login/callback</code>. (If your tenant is in the US and was created before June 2020, then your domain name would be <code>https://exampleco-enterprises.auth0.com</code>.)</p>
<p>If you are using <a href="https://auth0.com/docs/custom-domains">custom domains</a>, your redirect URI will have the following format: <code>https://&lt;YOUR CUSTOM DOMAIN&gt;/login/callback</code>.</p>


<h2 id="test-connection">Test connection</h2>
<p>You&#39;re ready to <a href="https://auth0.com/docs/dashboard/guides/connections/test-connections-social">test your connection</a>.</p>


<h2 id="access-twitter-api">Access Twitter API</h2>
<p>Once a user successfully authenticates, Twitter will include an Access Token in the user profile it returns to Auth0. You can use this token to call Twitter&#39;s API.</p>
<p>To get the Twitter Access Token, you must retrieve the full user&#39;s profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see <a href="https://auth0.com/docs/connections/calling-an-external-idp-api">Call an Identity Provider&#39;s API</a>.</p>
<p>Using the token, you can call Twitter&#39;s API following Twitter&#39;s documentation.</p>
<p>Optional: Get a <a href="https://auth0.com/docs/tokens/guides/get-refresh-tokens">Refresh Token</a> from Twitter to refresh your Access Token once it expires. To ensure your application is secure, pay close attention to the <a href="https://auth0.com/docs/tokens/concepts/refresh-tokens#restrictions-and-limitations">restrictions on using Refresh Tokens</a>.</p>
<p>Twitter allows you to use application-specific Access Tokens for many API calls without requiring user Access Tokens. When you create your app, a token is generated automatically and shown with the <strong>API Key</strong> and <strong>API Secret Key</strong> <a href="https://developer.twitter.com/en/apps">Twitter Developer App Management</a>. Using application-specific Access Tokens will limit your app to requests that do not require user context. To learn more, see <a href="https://developer.twitter.com/en/docs/basics/authentication/overview/application-only.html">Twitter Developer Documentation: Application-Only Authentication</a>.</p>


<h2 id="troubleshooting">Troubleshooting</h2>
<p>If you are seeing errors, refer to the following troubleshooting steps.</p>


<h2 id="users-email-address-is-missing-from-retrieved-user-profile">User&#39;s email address is missing from retrieved user profile</h2>
<p>Twitter connections do not retrieve the user&#39;s email address by default. However, you can add a rule to request the email address using the Access Token returned from Twitter <em>providing you supply a privacy policy and terms &amp; conditions</em>.</p>
<p>Auth0 provides a rule template to get email addresses from Twitter. To use it, <a href="https://manage.auth0.com/#/rules/create">create a new rule</a> with the <strong>Get Email Address from Twitter</strong> template under the <strong>Enrich Profile</strong> section.</p>
<p>If you are using Auth0 developer keys, this functionality will not work; you will need to use your Twitter <strong>API Key</strong> and <strong>API Secret Key</strong>.</p>
<p>You must also explicitly request permission to retrieve user email addresses for your Twitter app:</p>
<ol>
<li> Log in to <a href="https://developer.twitter.com/en/portal/projects-and-apps">Twitter Developer Project and App Management</a>.</li>
<li> Choose your project, and then your app settings.</li>
<li> Click <strong>Edit</strong> next to <strong>Authentication settings</strong>, then toggle the switch to enable <strong>Request email address from users</strong>.</li>
<li> Enter the appropriate links in the <strong>Terms of service</strong> and <strong>Privacy policy</strong> fields, then click <strong>Save</strong>.</li>
</ol>


Twitter - Twitter allows users to enjoy the benefits of login with as little as one click

Twitter Integration with Auth0

Twitter

Auth0 makes authentication and authorization easy. From SSO to MFA, passwordless to user profiling, and consumer to SaaS apps, we’ve got what you need to tackle any identity use case.

Secure access for everyone but not just anyone

Twitter allows users to enjoy the benefits of login with as little as one click

A new visitor to your site only has to click two buttons in order to log in for the first time.

Ease of use

The Log in with Twitter flow can grant authorization to use Twitter APIs on your users' behalf.

Twitter integration

A wealth of client libraries and example code are compatible with the Log in with Twitter API.