Skip to main content

Twitter

Follow these steps to add Twitter as a social sign-in provider to your project using the Ory Console:

  1. Sign in to Ory Console and select Social Sign-in.
  2. Click the switch next to the Twitter logo to start the configuration.
  3. Copy the Redirect URI and save it for later use.

Next you will need to create a Twitter application and configure it to work with Ory. Here's how you can do that:

  1. Head over to the Twitter Developer Dashboard. You do not need a subscription to Twitter's premium APIs to use the social sign-in feature and can use the free tier ("Sign up for Free Account").
  2. Create a new Twitter v2 project: Creating an app for Twitter Social Sign In
  3. Choose a use case for your application. We use "Exploring the API" for this example: Twitter Social Sign In asks to cjppse a use case
  4. Choose a description: Twitter Social Sign In asks to enter a use case description
  5. If prompted, choose "Create a new app": Twitter Social Sign In asks for application name
  6. You will now receive an API key and API Key Secret. Copy these values and save them for later use: Twitter Social Sign In shows Keys & Tokens
  7. Go to the application settings and click on "Set up" under "User authentication settings": Twitter Social Sign In asks to set up user authentication
  8. Select your app permissions, set "Type of App" to "Confidential Client". If you need to read email addresses toggle "Request email from users" on. Provide the Redirect URI you saved earlier here: Twitter Social Sign In asks to set up user authentication

Twitter is now set up! Continue with the following steps in Ory Console or Ory CLI to complete the configuration:

  1. Copy the API Key and API Key Secret from the Twitter Developer Dashboard and paste them into the corresponding fields in the Ory Console.

  2. In the Data Mapping field of the form in the Ory Console, add the following Jsonnet code snippet, which maps the desired claims to the Ory Identity schema:

    local claims = std.extVar('claims');

    {
    identity: {
    traits: {
    // Twitter does not send the email when it is not verified:
    //
    // When set to true email will be returned in the user objects as a string. If the user does not have an email address on their account, or if the email address is not verified, null will be returned.
    //
    // There we can use the value provided by twitter without problem:
    [if 'email' in claims then 'email' else null]: claims.email,
    },
    },
    }
    <JsonnetWarning format="Jsonnet code snippets" use="data mapping" />
  3. Click Save Configuration.

Troubleshooting

When you add a social sign-in provider, you can encounter common problems such as:

  • Redirect URI mismatch
  • Redirect loops during registration
  • Domain verification issues

To troubleshoot those issues, read Social sign-in troubleshooting.