Skip to content

Latest commit

 

History

History
128 lines (97 loc) · 4.3 KB

File metadata and controls

128 lines (97 loc) · 4.3 KB
title Getting Enterprise Access
sidebarTitle Getting Access
description Enterprise access requires an application and onboarding process. Your dedicated account team will help you get set up with credentials and configure.
keywords
Enterprise access
enterprise API
apply
enterprise onboarding
API keys
access tokens
dedicated support

import { Button } from '/snippets/button.mdx';

Enterprise access requires an application and onboarding process. Your dedicated account team will help you get set up with credentials and configure your access.

Apply for Enterprise access


Step 1: Apply for Enterprise access

[Fill out the Enterprise interest form](/forms/enterprise-api-interest) with details about your organization and use case. Our sales team will reach out to understand your data volume, endpoint requirements, and support needs. Receive a tailored plan with pricing, rate limits, and access levels designed for your use case.

Step 2: Get onboarded

Once your Enterprise plan is in place, your dedicated account manager will help you set up:

Set up your app in the [Developer Console](https://console.x.com) with Enterprise-level access. Your account manager will help configure rate limits, endpoint access, and any custom settings. Generate your API keys and tokens for authentication.

Step 3: Save your credentials

You'll receive several credentials depending on your authentication needs:

Credential Purpose
API Key & Secret Identify your app. Used to generate tokens and sign OAuth 1.0a requests.
Bearer Token App-only authentication for reading public data.
Access Token & Secret Make requests on behalf of your own account (OAuth 1.0a).
Client ID & Secret OAuth 2.0 authentication for user-context requests.
**Save immediately.** Credentials are only displayed once. Store them in a password manager or secure vault. If you lose them, you'll need to regenerate (which invalidates the old ones).

Which credentials do you need?

Use the **Bearer Token** for simple, read-only access to public data.
```bash
curl "https://api.x.com/2/users/by/username/xdevelopers" \
  -H "Authorization: Bearer $BEARER_TOKEN"
```

Best for: Searching posts, looking up users, reading trends.
Use **OAuth 2.0** (recommended) or **OAuth 1.0a** to act on behalf of users.
OAuth 2.0 offers fine-grained scopes—request only the permissions you need.

Best for: Posting, liking, following, accessing DMs.

[OAuth 2.0 guide →](/resources/fundamentals/authentication/oauth-2-0/overview)
Use your **Access Token & Secret** to make requests as your own account.
These tokens represent the account that owns the app.

Best for: Testing, personal bots, your own automation.

Credential security best practices

Never hardcode credentials in your source code. Add credential files to `.gitignore`. Regenerate credentials periodically as a security measure. Only request the OAuth permissions your app needs.

Next steps

Call the API with your new credentials. Understand OAuth 1.0a and OAuth 2.0.