Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
twitter-api-v2
Advanced tools
Twitter API V2
WIP
Twitter api v2 (and v1 in the future) client for node
Why?
-
The main libraries (twit/twitter) were not updated in a while
-
I don't think a Twitter library need many dependencies
They caused me some frustration:
- They don't support video upload in a simple way
- They don't explain well the "link" auth process
- They don't support yet Twitter API V2
- They could have more helpers (for pagination, rate limit, ...)
- Typings could make the difference between read/write app
Goals:
- bearer token auth
- token auth
- link auth
- read/write/DM aware typing
- get/post methods
- Twitter API V2 tweets methods
- Twitter API V2 users methods
- Auto pagination
- Error code enums
import TwitterApi, { TwitterErrors } from 'twitter-api-v2';
// bearer token auth (with V2)
const twitterClient = new TwitterApi('<YOUR_APP_USER_TOKEN>');
// token auth
const twitterClient = new TwitterApi({
appKey: '<YOUR-TWITTER-APP-TOKEN>',
appSecret: '<YOUR-TWITTER-APP-SECERT>',
accesToken: '<YOUR-TWITTER-APP-TOKEN>',
accessSecret: '<YOUR-TWITTER-APP-SECERT>',
});
// link auth
const twitterClient = new TwitterApi({
appKey: '<YOUR-TWITTER-APP-TOKEN>',
appSecret: '<YOUR-TWITTER-APP-SECERT>',
});
const authLink = await twitterClient.generateAuthLink();
// ... redirected to https://website.com?oauth_token=XXX&oauth_verifier=XXX
const { usertoken, userSecret } = twitterClient.login('<THE_OAUTH_TOKEN>', '<THE_OAUTH_VERIFIER>');
// Tell typescript it's a readonly app
const twitterClient = new TwitterApi(xxx).readOnly;
// Search for tweets
const tweets = await twitterClient.tweets.search('nodeJS', { max_results: 100 });
// Or do it your way (however, with no result typed)
const tweets = await twitterClient.v2.get('tweets/search/recent', {query: 'nodeJS', max_results: '100'});
const tweets = await twitterClient.get('https://api.twitter.com/2/tweets/search/recent?query=nodeJS&max_results=100');
// Auto-paginate
// (also checks if rate limits will be enough after the first request)
const manyTweets = await twitterClient.tweets.search('nodeJS').fetchLast(10000);
// Manage errors
try {
const manyTweets = await twitterClient.tweets.search('nodeJS').fetchLast(100000000);
} catch(e) {
if (e.errorCode === TwitterErrors.RATE_LIMIT_EXCEEDED) {
console.log('please try again later!');
} else {
throw e;
}
}
FAQs
Strongly typed, full-featured, light, versatile yet powerful Twitter API v1.1 and v2 client for Node.js.
The npm package twitter-api-v2 receives a total of 87,361 weekly downloads. As such, twitter-api-v2 popularity was classified as popular.
We found that twitter-api-v2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 09 Sep 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025