Twitter is currently the only built-in provider using the OAuth 1.0 spec. This means that you won't receive an access_token or refresh_token, but an oauth_token and oauth_token_secret respectively. Remember to add these to your database schema, in case if you are using an Adapter.
Documentation​
Configuration​
https://developer.twitter.com/en/apps
Options​
The Twitter Provider comes with a set of default options:
You can override any of the options to suit your own use case.
Example​
import TwitterProvider from "next-auth/providers/twitter";
...
providers: [
TwitterProvider({
clientId: process.env.TWITTER_CLIENT_ID,
clientSecret: process.env.TWITTER_CLIENT_SECRET
})
]
...
You must enable the "Request email address from users" option in your app permissions if you want to obtain the users email address.
OAuth 2.0​
Twitter supports OAuth 2, which is currently opt-in. To enable it, simply add version: "2.0" to your Provider configuration:
TwitterProvider({
clientId: process.env.TWITTER_ID,
clientSecret: process.env.TWITTER_SECRET,
version: "2.0", // opt-in to Twitter OAuth 2.0
})
Keep in mind that although this change is easy, it changes how and with which of Twitter APIs you can interact with. Read the official Twitter OAuth 2 documentation for more details.
Email is currently not supported by Twitter OAuth 2.0.