Posts tweets to X (Twitter) via the v2 API. Add your X app's OAuth 2.0 client ID and secret below, then connect with OAuth — or skip setup here and paste your four OAuth 1.0a API keys (consumer key/secret + access token/secret) directly when you add the account. Note: X read/sync calls are pay-per-use under the 2026 pricing and may hit rate limits on free-tier tokens.
X (Twitter) posting uses OAuth 2.0 Authorization Code with PKCE. You register one OAuth 2.0 app in the X developer portal to get a Client ID and Client Secret, which power the in-app "Connect with OAuth" button; individual accounts then authorize through that flow.
Sign in at console.x.com, create a Project and App (or use an existing one) under your developer account.
OpenIn the app's "User authentication settings", click Set up, choose Web App/Automated App/Bot (a confidential client, so you get a Client Secret), and enable Read and write permissions.
Add this tool's OAuth redirect URI to the app's Callback URI/Redirect URL allowlist (exact match required) and fill in the mandatory Website URL, Terms of Service, and Privacy Policy fields.
Open Keys and Tokens, copy the OAuth 2.0 Client ID and Client Secret, and paste them into this app's Client ID / Client secret config fields.
Click Connect with OAuth in this tool to run the authorization-code+PKCE flow (scope includes tweet.write) and link the X account.
developer.x.com → your app → Keys and Tokens → "OAuth 2.0 Client ID and Client Secret" → Client ID. This is NOT the API Key (that's the OAuth 1.0a "paste keys" path). Enable Read+Write under User authentication settings first.
Same "OAuth 2.0 Client ID and Client Secret" section → Client Secret. Only issued for confidential app types (Web App / Automated App / Bot).
developer.x.com → your app → Keys and Tokens → "Consumer Keys" → API Key. X labels these interchangeably "API Key" / "Consumer Key" — same value. NOT the OAuth 2.0 Client ID.
Same "Consumer Keys" box → API Key Secret (the second value, revealed once). NOT the OAuth 2.0 Client Secret.
Keys and Tokens → "Access Token and Secret" → Access Token. Regenerate it AFTER setting the app to Read and write, or posting 403s.
Same "Access Token and Secret" box → the second value (the secret).