Twitter auth degraded since change to x.com #10972
Unanswered
billy-the-ape
asked this question in
Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Wrote up details here: #10967
Not sure why this was closed. This issue can be reproduced with the example repo.
The main issue here is on x/twitter's end. But there will probably need to be a change to the default config for the TwitterProvider in next-auth to point to the correct place, once x.com is fixed on their end.
The issue is this: since Twitter now redirects all urls to x.com - if a user is logged into twitter with one account, they can be logged into a different user on x.com by switching to another account on x.com. So basically, it is impossible to easily switch your account at twitter.com anymore - it can only be done by clearing those cookies and logging in again with the other account, then the oauth flow to twitter.com will work as desired.
Unfortunately it seems that x.com doesn't (yet?) work properly, and so setting up a custom provider with the twitter config in this repo, but changing twitter.com to x.com doesn't seem to work. It is annoying - it seems twitter just kinda soft broke this functionality by changing their url.
There is a related twitter api forum post with very little activity here: https://devcommunity.x.com/t/oauth-authorization-issue-with-unexpected-accounts/219919/2
How to reproduce
Your business account is still active (on api.twitter.com/oauth/authenticate)
Since your login status at x.com and twitter.com do not remain in sync, there is no obvious way to switch your account.
Clearing cookies at twitter.com will allow a user to change their account. But this is something many users wouldn't think to do and creates issues.
Beta Was this translation helpful? Give feedback.
All reactions