Twitter login
Enable X login with OAuth 2.0 Client ID and secret (PKCE). Not legacy OAuth 1.0 keys.
Twitter login
When on, Twitter / X appears on sign-in and register if OAuth 2 Client ID and secret are set (and Social login master is on).
Where to find it
Admin → Settings → Mods → Social → Twitter / X
| Field | Key |
|---|---|
| Enable | toggle.social_twitter (defaults on; still needs credentials) |
| OAuth 2 Client ID | twitter_oauth_client_id |
| OAuth 2 Client secret | twitter_oauth_client_secret |
Setup
1. Open the X Developer Portal and create a project/app with OAuth 2.0.
2. Enable PKCE (this app uses S256). Do not use legacy OAuth 1.0 consumer key/secret.
3. Register the Redirect URI shown in admin:
https://YOUR-DOMAIN/api/auth/oauth/twitter/callback
4. Paste Client ID + Client secret, enable the provider, save.
Official docs: X OAuth 2.0.
Scopes used: users.read and users.email.
Common problems
Old consumer key/secret pasted
Those are OAuth 1. Create an OAuth 2 client and use its ID/secret.
redirect_uri_mismatch
Callback in the portal must match the admin Redirect URI exactly (https, host, path).