Actually, this sounds a lot like a confirmed defect:

I verified my signature using the calculator here:

> I'm sure this is my fault, but I have kind of a bizarre scenario,
> where OAuth is working for certain APIs, but not the ones for which
> "Requires Authorization" is always true.
> * I am able to obtain access tokens, both through the PIN process and
> through xAuth.
> * I can successfully use these access tokens to make certain API calls
> using GET.  These are APIs that may have different results if the user
> is authenticated or not (user_timeline, rate_limit_status, etc).  I
> get the expected results for successful authentication
> (i.e. user_timeline shows tweets for a protected user; lists/my_list/
> statuses shows tweets for my private list).
> * However, for APIs that *always* require authentication (e.g.
> verify_credentials, mentions, myusername/lists, etc), I get a 401 with
> "Incorrect signature"
> I'm not sure what to do.  It was my understanding that OAuth was
> pretty unforgiving, so I'm surprised that it seems to half work...
> Is this the right forum for this question?  I would be grateful for
> any wise counsel!
> Dan B

