Twitter, OAuth, and Ruby on Rails integrated cookbook-style in the console (for Twitter 0.9)

Update March 17, 2011: This post has been superseded by a newer one by the same name. The instructions in this post are for the Twitter gem 0.9.  John Nunemaker removed native oauth capability from the gem at 1.0, so if you are using 1.0 or later, visit my newer post for corrected instructions.

As of August 31, 2010, Twitter officially deprecated HTTP Auth from the Twitter API in favor of OAuth. OAuth has a number of benefits as far as user authorization is concerned, but it is a tad complicated for the developer, especially if you simply want your application to interact with Twitter. So even if you aren’t concerned at all with authorizing your application’s users — for example, if you want your application to post tweet updates to its own account — OAuth is your only choice at this point. Here is a quick and dirty, cookbook-style recipe to get your Ruby on Rails application to interact with Twitter.

If you haven’t already, create the Twitter account that your Rails app will use. Verify the account, et cetera, and sign in to the Twitter web interface.

Navigate to and click “Register an app.” Complete the form, choosing “client” as the application type, and “Read & Write” as the access type. After saving your application, view the app’s settings screen and note the “consumer key” (also known as the consumer token) and “consumer secret” data fields — you’ll use those two items in a moment.

Add the Twitter gem dependency to your Rails application. In Rails 3 add the following line to your Gemfile:

gem 'twitter'

…and then type “bundle install” at the command line to install the gem.

Now let’s go into the Rails console by typing “rails c”. You need to jump through some one-time hoops in order to get the final tokens necessary to repeatedly authenticate your application to Twitter.

First, set up the Consumer Tokens that came from your Application Settings screen in Twitter:

> ctoken = 'your_consumer_token'
 => "your_consumer_token"
> csecret = 'your_consumer_secret'
 => "your_consumer_secret"

OAuth is a multi-stage auth mechanism. In stage one we transition from Consumer Tokens to Request Tokens:

> oauth =, csecret)
 => #<Twitter::OAuth:0x00000104d9daa0 @consumer_options={}, @csecret="your_consumer_secret", @ctoken="your_consumer_token", @api_endpoint="", @signing_endpoint="">
> rtoken = oauth.request_token.token
 => "your_request_token"
> rsecret = oauth.request_token.secret
 => "your_request_secret"

Now we use the Request Token to obtain the authorization URL. This is a one-time step. Paste the URL into your web browser, click “Allow access” when prompted, and note the 7-digit PIN that results.

> oauth.request_token.authorize_url
 => ""

Back to OAuth. In stage two we use the above PIN and Request Tokens to get Access Tokens:

> atoken, asecret = oauth.authorize_from_request(rtoken, rsecret, your_pin_here)
 => ["your_access_token", "your_access_secret"]

Twitter is apparently not expiring Access Tokens. They and the Consumer Tokens are the pieces of this whole tutorial that actually matter. You should save these in a configuration file or in your application to use over and over. Here in stage three we (finally!) authenticate to Twitter using Access Tokens:

> oauth.authorize_from_access(atoken, asecret)
 => ["your_access_token", "your_access_secret"]

To test whether authentication worked, let’s set up a Twitter client and post something to our Twitter account:

> client =
 => #<Twitter::Base:0x00000104bf3e48 @client=#<Twitter::OAuth:0x00000104d9daa0 @consumer_options={}, @csecret="your_consumer_secret", @ctoken="your_consumer_token", blah blah>
> client.update('Test post from the console')
 => <#Hashie::Mash contributors=nil coordinates=nil created_at=blah blah>

Back in your browser, note your Twitter timeline and confirm that the test post made it through properly.

Again, those were mostly one-time steps, provided you saved your Consumer Tokens and your Access Tokens. The next time you want to post a tweet from your application it is much simpler:

oauth =, csecret)
oauth.authorize_from_access(atoken, asecret)
client =
client.update('Another test post')

4 thoughts on “Twitter, OAuth, and Ruby on Rails integrated cookbook-style in the console (for Twitter 0.9)

  1. Here’s a mini .rb version of it. It prints out the authorize url, you enter the pin and viola, authorization tokens and a test post all in one application.

    require ‘rubygems’

    require ‘twitter’

    ctoken = ‘YOUR_CONSUMAR_KEY’

    csecret = ‘YOUR_CONSUMAR_SECRET’

    oauth =, csecret)

    rtoken = oauth.request_token.token

    rsecret = oauth.request_token.secret

    puts oauth.request_token.authorize_url
    puts “pin:”

    pin = gets.chomp

    atoken, asecret = oauth.authorize_from_request(rtoken, rsecret, pin)

    puts “atoken: ” + atoken

    puts “asecret: ” + asecret

    oauth.authorize_from_access(atoken, asecret)

    client =

    client.update(‘Test post from the console’)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s