OAuth 1.0

Note: For new integrations we recommend using Basic Auth instead of OAuth due to its greater ease of use.

We don’t require you to use two-legged or three-legged flows. Instead you will be provided with the complete set of credentials: consumer key, consumer secret, token and token secret.

The OAuth parameters must be sent in the Authorization header. It’s best to use an external tried and tested library to craft the OAuth Authorization header rather than writing this yourself.

Related responses

If you receive a 401 Unauthorized response, it may mean several things:

• The consumer can’t be found
• The signature is invalid
• The timestamp is invalid

Receiving a 403 Forbidden means that you are authorized successfully but do not have access to the resource.