Obtaining access tokens
In order to make authorized calls to Twitter’s APIs, your application must first obtain an OAuth access token on behalf of a Twitter user or you could issue Application-only authenticated requests when user context is not required. The way you will obtain such tokens will depend on your use case.
| If you… | Use… |
|---|---|
| Want to offer a “Sign in with Twitter” button on your website… | Sign in with Twitter |
| Want to read or post Twitter data on behalf of visitors to your website… | 3-legged OAuth |
| Have a mobile, desktop, or embedded app which can’t access a browser… | PIN-based OAuth |
| Just want to access the API from your own account… | Tokens from dev.twitter.com |
| NEED to use usernames/passwords AND have been approved for xAuth… | xAuth |
| Offer an API where clients send you data on behalf of Twitter users… | OAuth Echo |
| Want to issue authenticated requests on behalf of the application itself | Application-only authentication |
Once you have an access token and token secret, the Twitter API is your oyster! By following the steps described in Authorizing a request, you can issue authorized requests to the REST API and the The Streaming APIs.
If the OAuth process sounds like it is beyond the scope of your integration, consider using Web Intents, which do not need to use access tokens to interact with the Twitter API.