# Configure X (Twitter) OAuth

> Set up X (formerly Twitter) as a social sign-in provider for your app's authentication

This guide walks you through creating an X OAuth app in the X Developer Portal. You'll collect a **Client ID** and **Client Secret** to plug into the **Auth pane**.

<Note>
  This page covers only the provider-side setup in the X Developer Portal. For the overall Clerk Auth flow — including enabling X and entering credentials in the **Auth pane** — see [Configuring OAuth credentials for an SSO provider](/core-concepts/project-editor/auth-and-security/clerk-auth#configuring-oauth-credentials-for-an-sso-provider) in the Clerk Auth doc.
</Note>

## Prerequisites

* An [X Developer account](https://developer.twitter.com/) (free tier available)
* A [published Replit app](/category/replit-deployments) — custom OAuth credentials are only available in the **Production** environment
* The **X** provider's edit panel opened in: **Auth pane** → **Configure** tab → **SSO providers** section → select the **Production** environment → select **Edit** next to **X**

## Step 1: Set up X Developer app

### Create a developer account (if needed)

1. Navigate to [X Developer Portal](https://developer.twitter.com/en/portal/dashboard)
2. Apply for a developer account if you don't have one
3. Complete the application describing your use case

### Create or select an app

1. In the X Developer Portal, go to **Projects & Apps**
2. Use an existing app or select **Add App**
3. Enter an app name and select **Next**
4. Select **App settings**

## Step 2: Configure authentication

1. Scroll to **User authentication settings**
2. Select **Set up**

**App permissions:**

Select the minimum permission level your app needs:

* **Read** - Required for user profile (minimum)
* **Write** - For posting on behalf of users (optional)
* **Direct Messages** - For DM access (optional)

<Warning>
  Permissions must match the scopes your app requests. If your app requests `tweet.write` but you only enabled Read, authentication will fail.
</Warning>

**Type of app:**

Select **Web App, Automated App or Bot**

**App info:**

* **Callback URI / Redirect URL**: Copy the value shown under **Provider setup** in the **Auth pane**
* **Website URL**: Copy the value shown under **Provider setup** in the **Auth pane**

See [Configuring OAuth credentials for an SSO provider](/core-concepts/project-editor/auth-and-security/clerk-auth#configuring-oauth-credentials-for-an-sso-provider) for how to find these values.

3. Select **Save**
4. **Save your Client ID and Client Secret**

<Warning>
  Store your Client Secret securely. If you lose it, regenerating it invalidates the old one.
</Warning>

## Troubleshooting

### Redirect URI mismatch

* Verify the Callback URI exactly matches the value shown under **Provider setup** in the **Auth pane**
* Check for typos or incorrect protocols
* Make sure there are no trailing slashes

### Invalid client

* Double-check Client ID and Client Secret
* Ensure neither value contains extra spaces
* Verify you are using OAuth 2.0 credentials (not OAuth 1.0a)

### Scope/permission errors

* Verify the scopes your app requests match the permissions enabled in the X Developer Portal
* Ensure Read permission is enabled at minimum
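The three checks above (exact redirect URI match, stray whitespace in credentials, scopes versus enabled permissions) can be run as a local preflight before saving. This is an added example, not Replit, Clerk, or X code; the function names, the sample URL, and the scope-to-permission mapping are assumptions, apart from `tweet.write` needing more than Read, which this page states.

```python
from urllib.parse import urlsplit

# Assumed mapping from X OAuth 2.0 scopes to the portal permission they need.
# Only "tweet.write needs more than Read" comes from this page.
SCOPE_PERMISSION = {
    "tweet.read": "Read",
    "users.read": "Read",
    "tweet.write": "Write",
    "dm.read": "Direct Messages",
    "dm.write": "Direct Messages",
}

def redirect_uri_problems(expected, configured):
    """Explain why `configured` is not an exact match for `expected`."""
    if configured == expected:
        return []
    problems = []
    if configured != configured.strip():
        problems.append("leading or trailing whitespace")
    e, c = urlsplit(expected), urlsplit(configured.strip())
    if c.scheme != e.scheme:
        problems.append(f"protocol is {c.scheme!r}, expected {e.scheme!r}")
    if c.netloc.lower() != e.netloc.lower():
        problems.append(f"host is {c.netloc!r}, expected {e.netloc!r}")
    if c.path != e.path:
        if c.path.rstrip("/") == e.path.rstrip("/"):
            problems.append("trailing slash differs")
        else:
            problems.append(f"path is {c.path!r}, expected {e.path!r}")
    if (c.query, c.fragment) != (e.query, e.fragment):
        problems.append("query string or fragment differs")
    return problems or ["differs in case or another character"]

def credential_problems(name, value):
    """Flag whitespace picked up when copying a Client ID or Client Secret."""
    # Report only the field name so the secret never reaches logs or terminals.
    return [f"{name} contains whitespace"] if any(ch.isspace() for ch in value) else []

def missing_permissions(requested_scopes, enabled_permissions):
    """Return {scope: permission} for scopes whose permission is not enabled."""
    return {s: SCOPE_PERMISSION[s] for s in requested_scopes
            if s in SCOPE_PERMISSION and SCOPE_PERMISSION[s] not in enabled_permissions}

if __name__ == "__main__":
    expected = "https://example.replit.app/oauth/callback"  # constructed sample value
    print(redirect_uri_problems(expected, expected + "/"))
    print(missing_permissions(["users.read", "tweet.write"], {"Read"}))
```
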

### App in development mode

* X apps start in development mode with limited users
* You may need to apply for elevated access for production use

### Not working on custom domain

* Update the Website URL and Callback URI to the custom-domain values shown under **Provider setup** in the **Auth pane**

## Additional resources

* [X OAuth 2.0 Documentation](https://developer.twitter.com/en/docs/authentication/oauth-2-0)
* [X OAuth Scopes](https://developer.twitter.com/en/docs/authentication/oauth-2-0/authorization-code)
