kavachOS
Authentication

Twitter / X

Sign in with Twitter using OAuth 2.0.

Setup

Get credentials

Go to the Twitter Developer Portal and create a project and app. Under User authentication settings, enable OAuth 2.0 and set the redirect URI to:

https://your-app.com/api/kavach/auth/oauth/callback/twitter

Set the app type to Web App and enable Read permissions at minimum.

Configure

lib/kavach.ts
import { createKavach } from 'kavachos';
import { oauth } from 'kavachos/auth';
import { createTwitterProvider } from 'kavachos/auth';

const kavach = await createKavach({
  database: { provider: 'sqlite', url: 'kavach.db' },
  plugins: [
    oauth({
      providers: [
        createTwitterProvider({
          clientId: process.env.TWITTER_CLIENT_ID!,
          clientSecret: process.env.TWITTER_CLIENT_SECRET!,
        }),
      ],
    }),
  ],
});
TWITTER_CLIENT_ID=...
TWITTER_CLIENT_SECRET=...

Scopes

Default scopes: users.read, tweet.read

ScopeWhat it unlocks
users.readRead the user's profile
tweet.readRead tweets
offline.accessRefresh token support

Twitter does not return an email address through the standard OAuth 2.0 flow. KavachOS uses a synthetic non-deliverable address (username@twitter.invalid) as a placeholder. Do not treat it as a real email.

Endpoints

MethodPathDescription
GET/auth/oauth/authorize/twitterRedirect to Twitter
GET/auth/oauth/callback/twitterHandle callback

Notion

Sign in with Notion using OAuth 2.0.

Figma

Sign in with Figma using OAuth 2.0.

On this page

Setup
Get credentials
Configure
Scopes
Endpoints