There is a required OAuth parameter step which is unclearly documented by Twitter. When Twitter returns from your /oauth/authorize It returns an oauth_verifier token. Make sure that you pass this oauth_verifier token (along with the other parameters) along to your /oauth/access_token call.
Make sure you are passing this oauth_verifier in and see how you go. I've found that if you DON'T set a callback, it doesn't enforce the verifier, but if you do, then the verifier is essential (just be aware Twitter are planning to change to always require this in the future, so it's more compliant with the spec; worth making this change regardless, a lot of Twitter libraries don't implement it). Hope this helps... Tim -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk