Sign in with StockTwits

Overview

Simplify your registration and sign-in process by using a "Connect with StockTwits" button.

This lets your user know that they can register for your app with one click using their StockTwits account. It also grants your app access to their account and gives you the ability to post messages and access their profile details. As mentioned in the Authentication documentation, your access to users' account details will vary depending on the user permissions that are granted upon signing up.


Implementing Sign in with StockTwits

  1. Add a "Connect with StockTwits" button to your website. You can use the button below or create one of your own that works with our site. If you create your own button, be sure to use our logos properly and adhere to our Terms and Conditions.

    Connect with StockTwits

    Connect with StockTwits

    Connect with StockTwits

    Connect with StockTwits

    Connect with StockTwits

    Connect with StockTwits

    Connect with StockTwits

  2. After directing the user to the authorize call (step 2 of the Authentication flow), StockTwits will prompt an authentication box for the user to login and grant access to your application with the permissions you request:

    Connect with StockTwits

    https://api.stocktwits.com/api/2/oauth/authorize?client_id=&response_type=code&redirect_uri=http://www.example.com&scope=read,watch_lists,publish_messages,publish_watch_lists,direct_messages,follow_users,follow_stocks
    

  3. Once granted, the user will be directed back to your site (the 'redirect_uri' set in the authorize call) with a verification token passed as a query parameter named code.

  4. Send a POST request to https://api.stocktwits.com/api/2/oauth/token with the code, client_id, client_secret, and redirect_uri:
  5. https://api.stocktwits.com/api/2/oauth/authorize?client_id=&response_type=code&redirect_uri=http://www.example.com&scope=read,watch_lists,publish_messages,publish_watch_lists,direct_messages,follow_users,follow_stocks
    

  6. The response will return with an access_token, scope, user_id and username. You can then use this access token to make authenticated API calls on behalf of the user. Note that this access token will not expire or need to be refreshed, so you may want to save this access token:

    {
      "user_id": 1,
      "access_token": "<access_token>",
      "scope": "read",
      "username": "userabc"
    }
    

Client-side JavaScript Sign in

The following JavaScript code is an example of implementing the signin process on the client-side:

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js" type="text/javascript"></script>
<script language="javascript">

  $(document).on('click', '#connect', function() {
    window.open($(this).attr('href'), 'stocktwits_oauth', 'width=500,height=550');
    return false;
  });

  $(document).ready(function() {
    if (/access_token=(\w+)/.test(window.location.hash)) {
      var accessToken = window.location.hash.match(/access_token=(\w+)/)[1];
      $.getJSON("https://api.stocktwits.com/api/2/account/verify.json?callback=?", { access_token: accessToken },
        function(data) {
          if (data.user) {
            $('#me').html("Hello: " + data.user.username);
          }
      });
    }
  });

</script>

<a id="connect" href="https://api.stocktwits.com/api/2/oauth/authorize?client_id=<CLIENT ID GOES HERE>&redirect_uri=<REDIRECT URL>&response_type=token">Connect to StockTwits</a>
<div id="me"></div>