Unable to view webhook: {"errors":[{"code":32,"message":"Could not authenticate you."}]}

I successfuly created the webhook and was given the following response when it was created:

stdClass Object ( [id] => 11645839966******** [url] => https://****.ngrok.io/twitter-api/webhook.php [valid] => 1 [created_timestamp] => 2019-08-22 17:03:56 +0000 )

I’m getting the following error upon trying to view the webhook:

I ran the following script over a https ngrok tunnel to view the details for the webhook:


// Generated by curl-to-PHP: http://incarnate.github.io/curl-to-php/
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'https://api.twitter.com/1.1/account_activity/webhooks.json');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');

$headers = array();
$headers[] = 'Authorization: Bearer AAAA';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);

if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
} else {



If it is bad authentication (error 32) before it hits the webhook, then you should check to make sure that you have done the following. This information and more is located in our troubleshooting doc:

  1. you are using the proper auth keys that you pulled from the Twitter app that is designated as your AAAPI dev environment. Since this endpoint requires user auth, you will need to use both your consumer keys and access tokens.
  2. you have properly generated the oauth nonce , oauth_signature , and oauth_timestamp for your request.
If you have properly set up your Twitter app, then chances are that you aren’t handling number two properly. If so, please consider using an oauth library (example), one of our github repositories (account-activity-dashboard or twitter-webhook-boilerplate-node), using Insomnia, or try using Twurl.

Hi Jessica,
I’ve followed your instructions on the Account Activity API.

I’ve tried running the following cURL request through command prompt and got the same error:

curl --request GET --url https://api.twitter.com/1.1/account_activity/webhooks.json --header 'authorization: Bearer <BEARER_TOKEN>'

On what page am I meant to generate the oauth nonce , oauth_signature , and oauth_timestamp. Should it be webhook.php?

Thanks for following up here. One way to generate the generate the oauth nonce, oauth_signature, and oauth_timestamp would be to do so using a REST client such as Insomnia.

Hi Jessica,
I’ve managed to solve the problem, I didn’t set the authentication headers so I downloaded and used twitteroauth.
Twitter’s API documentation isn’t the clearest as I work with lots of APIs and this is definitely the least documented API. Not much help on YouTube or Google searches either.
I’m going to rely on this forum heavily as a result.
All is working. Thanks again.

Thanks for following up here. If you have ideas on how to improve our documentation or feature ideas, please let us know via our feedback portal.
Thanks again!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.