Skip to main content

Documentation Index

Fetch the complete documentation index at: https://authsome.agentr.dev/docs/llms.txt

Use this file to discover all available pages before exploring further.

X (Twitter) is a bundled OAuth2 provider in authsome. Reading and writing tweets, user lookup, and offline access (refresh tokens).

At a glance

Provider namex
Display nameX (Twitter)
Auth typeOAuth2
Default flowpkce, PKCE browser flow
PKCE supportedYes
Device code supportedNo
DCR supportedNo
Default scopestweet.read, tweet.write, users.read, offline.access
Proxy hostapi.twitter.com
Env var (access_token)X_ACCESS_TOKEN
Env var (refresh_token)X_REFRESH_TOKEN

Prerequisites

You need to register an OAuth app with X (Twitter) once. Create a project and app in the X developer portal. Enable OAuth 2.0, set the callback URL, and copy the client ID and secret. The redirect URI must be: 
http://127.0.0.1:7998/auth/callback/oauth
This is the only callback URL authsome’s PKCE flow listens on. Dashboard: https://developer.twitter.com/en/portal/dashboard.

Log in

uvx authsome login x
The first time, authsome opens a local form at http://127.0.0.1:7998 to collect your client_id and client_secret. They are encrypted under your profile and reused on every subsequent login. A second browser window then opens to https://twitter.com/i/oauth2/authorize for the authorization step. Verify: 
uvx authsome get x --field status
# → connected

Custom scopes

The bundled definition requests tweet.read, tweet.write, users.read, offline.access. Override at login time: 
uvx authsome login x --scopes "<comma-separated>"
The granted scopes are stored on the connection and visible in uvx authsome get x.

Multiple accounts

Pass --connection <name> on login and on every read command to keep two or more accounts on the same provider side by side. See Multiple connections per provider for the full pattern. 
uvx authsome login x --connection personal
uvx authsome login x --connection work

Use the token

Run the agent under the proxy. The library tab is for embedding authsome inside a larger Python orchestrator. 
uvx authsome run -- python my_agent.py
Under the proxy, authsome sets X_ACCESS_TOKEN=authsome-proxy-managed in the child’s environment and injects the real token into outbound requests to api.twitter.com. The child process never sees the actual value. Refresh tokens are never exported.

Override the bundled definition

uvx authsome inspect x > ~/.authsome/providers/x.json
# edit scopes, base_url, or anything else
uvx authsome list   # source now shows "custom" for x
User-registered files always win over bundled definitions. See Provider schema.

What’s next

Run agents with the proxy

Inject the access token into outbound requests without exposing it.

Multiple connections per provider

Keep two or more accounts on the same provider side by side.

Provider schema

Every field in a provider definition.

OAuth providers

All bundled OAuth providers.