accounts-twitter
The accounts-twitter package is the login service that lets users of your app sign in with their Twitter/X account, using OAuth 1.0a. It builds on top of accounts-base and the twitter-oauth package, registering Twitter as an available login service and exposing a client-side Meteor.loginWithTwitter helper.
Add it to your project with:
meteor add accounts-twitterAdding the package automatically implies accounts-base and twitter-oauth, so the Accounts API and the underlying Twitter OAuth helpers become available as well.
Configuring the service
Before users can log in, you must register an application with Twitter and configure its credentials in your app. This is handled by the service-configuration package — see the OAuth Services Configuration guide for the full setup, including how to provide credentials through settings.json.
If you prefer a step-by-step UI, the accounts-ui package presents a guided configuration dialog. If you use accounts-ui but have not configured the service through service-configuration, the package prints a console notice suggesting you also add the matching configuration UI:
meteor add twitter-config-uiLogging in
On the client, the package adds the Meteor.loginWithTwitter function.
Meteor.loginWithTwitter((error) => {
if (error) {
// handle the login failure
} else {
// successful login
}
});Meteor.loginWithTwitter([options], [callback])
optionsObject (optional) — options passed through to the underlying Twitter OAuth request.callbackFunction (optional) — called with a singleerrorargument on failure, or with no arguments on success. A callback may be passed as the first argument when nooptionsare needed.
Calling this function starts the OAuth flow with Twitter. Depending on the configured loginStyle ("popup" or "redirect", set in the service configuration), it either opens a pop-up window or redirects the page to Twitter's authorization page. Once the user authorizes the app, the Meteor client logs in to the server with the credentials returned by Twitter.
For the generic Meteor.loginWith<ExternalService> behavior shared by all OAuth login services, see the Accounts API documentation. The force_login and screen_name options are Twitter-specific (see below). Note that, unlike some other services, requestPermissions is not currently supported for Twitter.
Setting up the Twitter/X app
Twitter uses OAuth 1.0a (not OAuth 2.0). Make sure your app is set up accordingly.
In the X Developer Portal create a project/app and enable OAuth 1.0a.
Copy the Consumer Key (API Key) and Consumer Secret — these are the
consumerKeyandsecretyou configure below.Set the Callback URI / Redirect URL. Meteor handles the callback at:
text<your-root-url>/_oauth/twittere.g.
http://localhost:3000/_oauth/twitterin development.To receive the user's email, enable Request email address from users in the app's permission settings.
Supported login options are force_login and screen_name, e.g. Meteor.loginWithTwitter({ force_login: true }, cb).
A complete example
1. Configure the OAuth credentials on the server (for example in server/main.js). Twitter uses consumerKey/secret:
import { ServiceConfiguration } from 'meteor/service-configuration';
await ServiceConfiguration.configurations.upsertAsync(
{ service: 'twitter' },
{
$set: {
loginStyle: 'popup', // or 'redirect' (use 'redirect' for mobile/Cordova)
consumerKey: 'YOUR_CONSUMER_KEY',
secret: 'YOUR_CONSUMER_SECRET',
},
},
);See OAuth Services Configuration for the settings.json alternative and where to obtain these credentials.
2. Trigger the login. With Blaze you can drop in the ready-made widget from accounts-ui:
Or call the login function directly from your own button — this works with React, Vue, Svelte, plain JS, etc.:
function signIn() {
Meteor.loginWithTwitter((error) => {
if (error) {
// If the user closes the popup, the error is Accounts.LoginCancelledError.
console.error(error);
}
});
}3. Read the signed-in user. After a successful login the profile lives under services.twitter:
const user = Meteor.user(); // reactive on the client
// user.services.twitter.id, user.services.twitter.screenName, ...4. Log out:
Meteor.logout();What's stored on the user
After login, Twitter profile data is stored under services.twitter: id, screenName, name, lang, profile_image_url, profile_image_url_https, and (only if your app has email permission enabled) email. The access token is intentionally not published to clients.
Server behavior
On the server, accounts-twitter registers the twitter OAuth service and, when the autopublish package is enabled, publishes a fixed set of services.twitter fields to all clients (the access token is intentionally not published — not even to the logged-in user). The published fields are Twitter's whitelisted profile fields plus id and screenName.
See also
- Accounts API — the core
AccountsandMeteor.loginWith<ExternalService>APIs. - OAuth Services Configuration — configuring OAuth credentials.
- accounts-ui — drop-in login UI with a configuration wizard.

