About third-party apps and log in sessions

Third-party apps are applications built on the Twitter platform by external developers, and are not owned or operated by Twitter. When you connect a third-party app to your Twitter account, you are granting that app access to use your account. Depending on its permissions, an authorized app may be able to obtain information from and use your account in various ways, such as reading your Tweets, seeing who you follow, updating your profile, posting Tweets on your behalf, accessing your Direct Messages, or seeing your email address. You can learn more about the specific access in the “App permissions” section.

Note: You should be cautious before giving any third-party app access to your account. If you’re not comfortable with granting an app access to your account, simply click “cancel” on the authorization page to decline the app’s access. We also suggest you regularly review third-party apps which have access to use your account to confirm that you still want to give them access. You can review and revoke access for apps by visiting the Apps and sessions section of your account settings.

Additionally, you can learn how to log out of your active Twitter sessions below.

View instructions for:

How to connect to a third-party app using an iOS device

  1. In the app you want to connect, find the button/link asking you to connect your Twitter account (usually "Connect to Twitter", "Sign in with Twitter" or something similar).
  2. Depending on the app, you may be presented with a consent dialog from Twitter asking you to authorize the app to use your account or you may be prompted to grant the app access to the Twitter accounts on your iOS device. 

  3. You can review the various permissions you are granting to the app. You will see examples of actions the app will be able to perform using your account.

  4. If you are routed to a Twitter website and you’re already logged in to your account, use the Authorize app button to connect the app. If you’re not already logged in to your account, you will need to log in. Before you enter your username and password, check that the page is secure by verifying the URL starts with https://twitter.com. If the page is secure, enter your username and password and use the Sign In button to connect the app.

  5. If you are prompted to grant the app access to the Twitter accounts on your iOS device, use the Connect button to connect the app. If you have multiple Twitter accounts on your device, you may need to select the account that you wish to connect to the app.

Note: You can always review and revoke access for apps at any time by visiting the Apps and sessions section of your account settings.

 

How to connect to a third-party app using an Android device

  1. In the app you want to connect, find the button/link asking you to connect your Twitter account (usually "Connect to Twitter", "Sign in with Twitter" or something similar).
  2. Depending on the app, you may be routed to a Twitter website or to the Twitter for Android app to authorize the app to use your account. 

  3. You can review the various permissions you are granting to the app. You will see examples of actions the app will be able to perform using your account.

  4. If you are routed to a Twitter website and you’re already logged in to your account, use the Authorize app button to connect the app. If you’re not already logged in to your account, you will need to log in. Before you enter your username and password, check that the page is secure by verifying the URL starts with https://twitter.com. If the page is secure, enter your username and password and use the Sign In button to connect the app.

  5. If you are routed to the Twitter for Android app, use the Allow or Connect button to connect the app. If you have multiple Twitter accounts on your device, you may need to select the account you wish to connect to the app.

Note: You can always review and revoke access for apps at any time by visiting the Apps and sessions section of your account settings.

How to connect to a third-party app on the web

  1. On the website of the app you want to connect, find the button/link asking you to connect your Twitter account (usually "Connect to Twitter", "Sign in with Twitter" or something similar).
  2. You’ll be routed to a Twitter website asking you to authorize the app to use your account.

  3. You can review the various permissions you are granting to the app. You will see examples of actions the app will be able to perform with your account.

  4. If you’re already logged in to your account, use the Authorize app button to connect the app.

  5. If you’re not already logged in to your account, you will need to log in. Before you enter your username and password, check that the page is secure by verifying the URL starts with https://twitter.com. If the page is secure, enter your username and password and use the Sign In button to connect the app.

  6. You can review and revoke access for apps connected to your account at any time by visiting the Apps and sessions section of your account settings.

App permissions

Third-party apps may request access to perform different actions using your Twitter account. Apps may ask for the following permissions to access certain information in your account and take certain actions:

Read
Apps with read access to your Twitter account will have the ability to:

  • Profile information: View your profile information, such as your name, location, description, and profile and header photos. Note that the email address associated with your Twitter account and your phone number are not considered profile information. An app will not be able to view your email address unless you grant the app specific permission to do so. 

  • Tweets: View your Tweets (including details such as the number of times a Tweet has been viewed and the interactions others have with a Tweet) and Tweets from accounts you follow on your timeline, including any protected Tweets. 

  • Account settings: View your account settings, such as your preferred language and time zone. 

  • Other accounts: See who you follow, mute, and block.

  • Lists: View your Lists of Twitter accounts.

  • Collections: View your collections of Tweets.

Read and Write
Apps with read and write access to your Twitter account will have access to view your information as described in the Read section above, and will also have the ability to:

  • Profile information: Update your profile information for you. 

  • Tweets: Post Tweets and media on your behalf, delete Tweets for you, and engage with Tweets posted by others for you (for example, Like, un-Like, or reply to a Tweet, Retweet, etc.). 

  • Account settings: Manage your account settings for you. 

  • Other accounts: Follow and unfollow accounts for you, and mute, block, or report accounts on your behalf.

  • Lists: Create Lists of Twitter accounts for you, manage your Lists (for example, add and remove accounts from Lists) for you, and delete your Lists for you.

  • Collections: Create collections of Tweets for you, manage your collections (for example, add and remove Tweets from collections) for you, and delete your collections for you. 

Read, Write, and Direct Messages
Apps with read, write, and Direct Message access to your Twitter account will have access to view your information and take actions as described above in the Read and Write sections, and will also have the ability to: send Direct Messages for you, view Direct Messages you’ve sent and received, and manage and delete your Direct Messages. Remember that each communication participant has their own copy of the communication — deletion of a Direct Message will remove it from your account, not the accounts of the other participants to the communication.

Email Address
In addition to the permissions above, apps may also ask for permission to view the email address associated with your Twitter account.

Twitter Ads
If you use Twitter Ads, apps may also ask to:

  • Analytics: Access your advertising data, including your campaigns, audiences, business and ad account information (such as account name, ID, and creation date, business name, timezone, and users), ad account and user settings (such as notification email, contact phone number and extensions, industry type, email subscription settings, and tax settings), and creatives and media.

  • Campaign and account management: Access your advertising data as described above, create and manage your advertising data (such as media, creatives, campaigns, and audiences) for you, and manage your account (such as account name, industry type, account and user settings, etc.).  

We do not share your Twitter password with apps. Remember that when you authorize an app to access your Twitter account or take actions on your behalf, the app may use, store, and share your information in accordance with its own business practices. While app developers agree to abide by our rules and guidelines, we strongly recommend that you review an app’s terms and privacy policy before you authorize the app to access your account.

Learn more about our rules and guidelines for third-party app developers in our Developer Policy.

 

How to revoke access or remove an app

  1. Sign in to your account.
  2. Go to the Apps and sessions section of your account settings. All of the apps connected to your account will be displayed. You can see the specific permissions that each app has to use your account listed under the app name and description.

  3. If you’d like to disconnect an app from your account, click the Revoke access button next to the app or at the bottom of the page after clicking the app’s name.

If an app asks for your password to access your account

If you wish to grant a third-party app access to your account, we recommend that you only do so using Twitter’s OAuth method. OAuth is a secure connection method and doesn’t require you to give your Twitter username and password to the third party. You should be particularly cautious when you're asked to give your username and password to an app or website. When you give your username and password to someone else, they can gain complete control of your account and can lock you out or take actions that cause your account to be suspended.

If you are unsure about whether a login page for a third-party app is using OAuth, go directly to twitter.com and enter your credentials there, and then navigate back to the app. If the app is using OAuth, the app should not require you to enter your username and password again. You can learn more about how to check that you’re on twitter.com with our account security tips.

If you previously provided your password to an app that you are now unsure about, revoke its access on the Apps and sessions section of your account settings and change your password.

Note: You should be especially wary of and never provide your username and password to:

  • Websites claiming to help you “get more followers fast!” (see our following rules and best practices for more information).
  • Apps which post affiliate ads to your timeline.

If you suspect a bad app is still connected to your account

Immediately revoke its access on the Apps and sessions section of your account settings and change your password. If you are experiencing problems with an app, please read the compromised accounts article for more information.

If you’re having issues with a third-party app

Because third-party apps are not owned and operated by Twitter, we're not able to troubleshoot them. It’s best to reach out to the app developer for answers to your questions or to let them know about a problem you're having with their product.

How to log out of your active Twitter sessions

  1. Sign in to your account.
  2. From your Settings and privacy, go to the Apps and sessions section of your account settings. Below Sessions, all of the active login sessions connected to your account will be displayed. You can see the location and time of login.

  3. If you’d like to log out of any of the sessions listed, click the Log out button next to the session, or click Log out all other sessions at the top of the list to end all other sessions at once. Please note that while logging out of a session will prevent further actions from that session such as Tweeting, Liking, and replying, it may not delete data (e.g., Direct Messages) that was previously cached on the device while the session was active.

Bookmark or share this article

Was this article helpful?

Thank you for the feedback. We’re really glad we could help!

Thank you for the feedback. How could we improve this article?

Thank you for the feedback. Your comments will help us improve our articles in the future.