Advanced Setup

Use Existing Twitter API Keys

Twitter Kit uses Twitter API keys to interact with the API. Fabric can automatically provision a Twitter app (recommended) and generate keys during the Twitter Kit installation process. These are stored in your info.plist within the Fabric dictionary key.

You have the option to use API keys from a Twitter app generated on This can be accomplished by replacing the keys in your info.plist or setting the Consumer Key and Secret using the code below.

To initialize the Twitter Kit with your app’s credentials, pass them to startWithConsumerKey:consumerSecret: before passing the Twitter class to Fabric in your app’s AppDelegate.

Calling startWithConsumerKey:consumerSecret: will override any keys which were automatically configured. Automatically configured keys live in your app’s Info.plist under the key Fabric.

// Objective-C
[[Twitter sharedInstance] startWithConsumerKey:@"your_key" consumerSecret:@"your_secret"];
[Fabric with:@[[Twitter class]]];
// Swift
Twitter.sharedInstance().startWithConsumerKey("your_key", consumerSecret: "your_secret")

Set Up a URL Scheme

Twitter Kit looks for a URL scheme in the format twitterkit-<consumerKey>, where consumerKey is your application’s Twitter API key.

You can find your consumer key on your Fabric app’s Twitter dashboard, or the Twitter app dashboard, depending on where you set up your API key.

For Fabric-configured apps you can also find your consumer key in your apps info.plist file, like so:

  1. Copy the Twitter Consumer Key:

    1. Select your app Target
    2. Select the Info tab
    3. Expand the Info.plist section Fabric/Kits/KitInfo/consumerKey
    4. Copy the Consumer Key
  2. Create a new URL Scheme:

    1. Expand the URL Types section lower down in the same Info.plist tab
    2. In the URL Schemes text field of the new section enter twitterkit-<consumerKey> e.g. twitterkit-dwLf79lNQfsJ

Notify Twitter Kit of openURL

When your user completes authorization, the Twitter API will pass a verification token back to your app using the twitterkit-<consumerKey> URL scheme. To complete the process and create a user session, Twitter Kit needs to handle this URL from your App Delegate:

- (BOOL)application:(UIApplication *)app openURL:(NSURL *)url options:(NSDictionary<NSString *,id> *)options
    if ([[Twitter sharedInstance] application:app openURL:url options:options]) {
        return YES;

    // If you handle other (non Twitter Kit) URLs elsewhere in your app, return YES. Otherwise
    return NO;
func application(app: UIApplication, openURL url: NSURL, options: [String : AnyObject]) -> Bool {
    if Twitter.sharedInstance().application(app, openURL:url, options: options) {
        return true

    // If you handle other (non Twitter Kit) URLs elsewhere in your app, return true. Otherwise
    return false

Use OAuth Echo

OAuth Echo is a means to securely delegate OAuth authorization with a third party while interacting with an API.

For example, you may wish to verify a user’s credentials from your app’s server (the third party) rather than your app.

More technical information about OAuth Echo can be found at Twitter’s developer site.

Instantiate TWTRCoreOAuthSigning

The TWTRCoreOAuthSigning protocol provides a convenient way to generate authorization headers for a user session. In TwitterKit, the TWTROAuthSigning class conforms to this protocol. It relies on the application auth config as well as a Twitter user session.

The TWTRAuthConfig object encapsulates the credentials to identify your Twitter application. You can get this object from the Twitter class (see code examples below)

A TWTRAuthSession object represents the user credentials of a Twitter user session. The TWTRSession class conforms to this protocol.

With a Twitter session:

// Objective-C
// Instantiates TWTROAuthSigning
TWTROAuthSigning *oauthSigning = [[TWTROAuthSigning alloc] initWithAuthConfig:[Twitter sharedInstance].authConfig authSession:[Twitter sharedInstance].session];
// Swift
// Instantiates TWTROAuthSigning
let twitter = Twitter.sharedInstance()
let oauthSigning = TWTROAuthSigning(authConfig:twitter.authConfig, authSession:twitter.session())

Create OAuth Echo Signing Headers

The easiest way to use OAuth Echo is by generating the authorization headers in the client. Use these headers to make a request to verify_credentials from outside the app.

// Objective-C
NSDictionary *authHeaders = [oauthSigning OAuthEchoHeadersToVerifyCredentials];
// Swift
let authHeaders = oauthSigning.OAuthEchoHeadersToVerifyCredentials()

The authHeaders dictionary contains the X-Auth-Service-Provider (defined in the TWTROAuthEchoRequestURLStringKey constant) and X-Verify-Credentials-Authorization (defined in the TWTROAuthEchoAuthorizationHeaderKey constant) keys. Your backend should take the OAuth signature in X-Verify-Credentials-Authorization, and use it to set the Authorization header for a request to the URL in X-Auth-Service-Provider.

// Objective-C
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@""]];
request.allHTTPHeaderFields = authHeaders;
// Swift
let request = NSMutableURLRequest(URL: NSURL(string: ""))
request.allHTTPHeaderFields = authHeaders