Users
User Login
Get fresh auth tokens for a Twitter account via API. Required for write endpoints like tweeting and DMs. GetXAPI login endpoint docs.
POST
/twitter/user_loginThis endpoint costs $0.001 per API call.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
username | string | Yes | Twitter username (without @) |
password | string | Yes | Account password |
email | string | Yes | Email address for verification. Required in practice — Twitter's login flow conditionally triggers an alternate-identifier subtask asking for the account's email, and login fails with 366 "Missing data" if not supplied. Always pass email if you have it. |
totp_secret | string | Conditional | TOTP secret for 2FA-enabled accounts (base32 string). Required whenever 2FA is enabled on the account. |
proxy | string | No | Your own proxy URL (e.g. http://user:pass@host:port). When supplied, the login is performed through your proxy instead of the server's. |
Notes
- Returns fresh auth tokens (auth_token, ct0, twid) for the account.
- Why email matters: Twitter's login is a multi-step subtask flow. After password, Twitter's risk engine decides whether to trigger an alternate-identifier subtask ("verify it's you, enter your email"). Whether it fires depends on account age, IP reputation, prior login patterns, and random risk scoring — you cannot predict it per request, so the safe default is to always send email.
- For 2FA accounts, provide the
totp_secretto auto-generate the 6-digit code. - Proxy: Pass your own proxy URL to log in from your IP instead of the server's. Useful for residential-IP login flows or staying consistent with the IP you use for subsequent calls.
- Profile data is fetched automatically after successful login.
Response (200)
{
"username": "blueriver_42",
"auth_token": "7b3f9c1e2d8a4f6b9c0e1a2d3f4b5c6e7a8b9c0d",
"ct0": "9a2c4e6f8b1d3a5c7e9f0b2d4a6c8e0f",
"twid": "u=1623458791034556928",
"profile": {
"type": "user",
"id": "1623458791034556928",
"userName": "blueriver_42",
"name": "Blue River",
"url": "https://x.com/blueriver_42",
"isVerified": false,
"isBlueVerified": false,
"profilePicture": "https://pbs.twimg.com/profile_images/...",
"description": "",
"location": "",
"followers": 18,
"following": 33,
"createdAt": "Wed Mar 15 09:42:11 +0000 2023"
}
}Error Responses
400 - Missing fields
{
"error": "Missing required fields: username, password"
}500 - Login failed
{
"error": "Login failed: invalid credentials or account locked"
}Example
# Basic login (no 2FA)
curl -X POST "https://api.getxapi.com/twitter/user_login" \
-H "Authorization: Bearer API_KEY" \
-H "Content-Type: application/json" \
-d '{
"username": "myaccount",
"password": "mypassword",
"email": "myemail@example.com"
}'
# Login with 2FA (TOTP)
curl -X POST "https://api.getxapi.com/twitter/user_login" \
-H "Authorization: Bearer API_KEY" \
-H "Content-Type: application/json" \
-d '{
"username": "blueriver_42",
"password": "kp7m9q2nx4tj",
"email": "blueriver42@mailprovider.com",
"totp_secret": "JBSWY3DPEHPK3PXP"
}'Update ProfileNew
Update Twitter profile fields (name, bio, location, URL, color, birthdate) programmatically via API. $0.001 per call. GetXAPI update profile endpoint.
List Members
Get all members of a public Twitter/X list via API. $0.001 per call, ~20 users per call. GetXAPI list members endpoint documentation.