Folks, I have been trying this and have already spent lot of time on this but what i don't understand is how is getting the access token working and post to update is not working when i am using the same signature generation method for both the requests.
Here is my complete scenario. 1. fetch the request token 2. redirect the user to the authurize page 3. get the verifier from the new called back url 4. getting the access token by passing oauth_token and auth_verifier 5. create a new post request for update and sign the request with HMAC.sign(toSign, consumerSecret + '&' + tokenSecret) Note: toSign is the request with the following headers : oauth_timestamp, oauth_signature_method, oauth_version, oauth_nonce, oauth_consumer_key 6. Send the request. Also if helpfull, i am using following values oauth_nonce=MD5.hexHash(getTimestampInSeconds()) oauth_signature_method=HMAC-SHA1 oauth_version=1.0 I have verified most of the things and looks good to me, also there is very less possibility of generating wrong signature as I have used the same signature to get the access token and was able to successfully receive it. Any pointers highly appreciated. Thanks, Rahul