I’m trying to set up a custom oauth2 social login with Twitter/X so I can specify the scope. I’ve followed the instructions on setting up the ready-made integration from the market place and it works fine with that integration.
I set up the custom integration following the instructions in Custom Social Connection with Twitter / X , but I get an error after I authorise the app(/user) in twitter.
The url that shows the error is http://localhost:3000/?error=invalid_request&error_description=Missing%20valid%20authorization%20header&state=dy5QSktoYjZRNldnaEhrUEpXUVIxVFNZX0hEVDY1bzNzTzJmZ0VocjV5RQ%3D%3D and the sample app shows the message Oops... Missing valid authorization header.
To test this I created a new application of type Single Page Application, using the React sample application. I configured the React sample application with the domain, client id and audience. The Auth0 app only has the custom twitter connection enabled (and the username-password-authentication db connection), the connection was configured as described in the knowledge base article.
The Authorization URL should be set to: https://twitter.com/i/oauth2/authorize?&code_challenge=challenge&code_challenge_method=plain and the Token URL should be set to https://api.x.com/2/oauth2/token?code_verifier=challenge
On Twitter/x, the application configured as a ‘Web App, Automated App or Bot (confidential client)’.
Any ideas what I could be missing? Or could it be that the knowledge base article I linked above is missing a step?
I understand you are getting missing valid authorization header errors when configuring your custom social login Twitter/X connection. Please allow me some time to look into this and reproduce it, and I will get back to you as soon as I can!
Thank you for your patience! I’ve been looking into this and found a colleague who has this set up on a tenant of theirs. Can you try setting your “Type of App” on the Twitter side to a Native app? Additionally, could you share a screenshot or DM me a screenshot of the Twitter configuration?
When I changed the type of app to native in Twitter it started working. Well, I did have a small error on the script that fetches the profile in which I wasn’t setting the user_id, but the error I got was different and clear of what was missing.
After I fixed that error, I reverted the application type in Twitter back to Web App […] and the same error showed up (Missing valid authorization header). Between tests I made sure that the user in auth0 was deleted and the application access in twitter was revoked for the user.
I’ll DM you a screen shot of the twitter configuration.
Thank you for your reply and DM with the Twitter config!
I confirmed with my teammate that this only works for him with the app type set to Native in the Twitter settings. If you’ve resolved the other error, could you change it back to Native and go from there perhaps?