Rich, thanks so much.. my issue ended up being that I was signing my OAuth Echo header as a POST request (because my request is a POST to twitpic), not GET.
On May 22, 2:14 am, Rich <rhyl...@gmail.com> wrote: > The request to verify_credentials should be a GET and shouldn't > contain any of the parameters you intend to send to TwitPic either > > On May 22, 4:51 am, Miguel de Icaza <miguel.de.ic...@gmail.com> wrote: > > > > > Hello, > > > > 1) You do not oAuth sign the actual request toTwitPic > > > 2) You make a fake request to Twitter's verify credentials api over > > > SSL and grab the Authorization header that would be sent, however when > > > you create the header make sure you include a 'Realm' > > > ofhttps://api.twitter.com > > > 3) Create a new post request toTwitPicand put the oAuth header that > > > you grabbed from Authorization in the HTTP header X-Verify-Credentials- > > > Authorization > > > 4) Add a X-Auth-Service-Provider header with the URL to verify > > > credentials. > > > 5) You should be good to go after that > > > I tried this, but I am getting the following message from TwitPic: > > > "could not authenticate you (header rejected by twitter)" > > > I created the OAuth headers as if I was trying to send an OAuth > > request tohttps://api.twitter.com/1/account/verify_credentials.json > > and added those headers to X-Verify-Credential-Authorization > > > The headers contain realm "http://api.twitter.com" (tried also with > > https) > > > Any ideas what "Header rejected by twitter" means? > > > > If you get the signature right, it will work as I and a few others > > > have got it working when we were liasing with their engineers on > > > Sunday > > > > On May 19, 3:41 am, uprise78 <des...@gmail.com> wrote: > > > > > I'm in the same boat. My call to Twitter works fine but I get 401's > > > > fromTwitPicevery time.