X auth provider

The X auth provider enables tools and agents to call the X (Twitter) API on behalf of a user. Behind the scenes, the Arcade Engine and the X auth provider seamlessly manage X OAuth 2.0 authorization for your users.

What's documented here

This page describes how to use and configure X auth with Arcade AI.

This auth provider is used by:

• The Arcade X toolkit, which provides pre-built tools for interacting with X
• Your app code that needs to call X APIs
• Or, your custom tools that need to call X APIs

Configuring X auth

How you configure the X auth provider depends on whether you use the Arcade Cloud Engine or a self-hosted Engine.

With the Arcade Cloud Engine, you can start building and testing X auth without any configuration. Your users will see Arcade AI (demo) as the name of the application that's requesting permission.

When you are ready to go to production, you'll want to configure the X auth provider with your own X app credentials, so users see your app name when they authorize access.

Create an X app

• Follow X's guide to creating an app (opens in a new tab)
• Configure user authentication for your new app and set its type to "Web app"
• Set the redirect URL to: https://cloud.arcade-ai.com/api/v1/oauth/callback
• Copy the client ID and client secret

Configuring X auth with the Arcade Cloud Engine

Configuring X auth with a self-hosted Arcade Engine

export X_CLIENT_ID="<your client ID>"
export X_CLIENT_SECRET="<your client secret>"

X_CLIENT_ID="<your client ID>"
X_CLIENT_SECRET="<your client secret>"

auth:
  providers:
    - id: x
      client_id: ${env:X_CLIENT_ID}
      client_secret: ${env:X_CLIENT_SECRET}

Using X auth in app code

Use the X auth provider in your own agents and AI apps to get a user token for the X API. See authorizing agents with Arcade to understand how this works.

Use client.auth.start() to get a user token for X:

from arcadepy import Arcade
 
client = Arcade()  # Automatically finds the `ARCADE_API_KEY` env variable
 
user_id = "[email protected]"
 
# Start the authorization process
auth_response = client.auth.start(
    user_id=user_id,
    provider="x",
    scopes=["tweet.read", "tweet.write", "users.read"],
)
 
if auth_response.status != "completed":
    print("Please complete the authorization challenge in your browser:")
    print(auth_response.authorization_url)
 
# Wait for the authorization to complete
auth_response = client.auth.wait_for_completion(auth_response)
 
token = auth_response.context.token
# Do something interesting with the token...

Using X auth in custom tools

The Arcade LLM API is a convenient way to call LLMs and automatically invoke tools. You can use the pre-built Arcade X toolkit to quickly build agents and AI apps that interact with X.

If the pre-built tools in the X toolkit don't meet your needs, you can author your own custom tools that interact with the X API.

Use the X() auth class to specify that a tool requires authorization with X. The context.authorization.token field will be automatically populated with the user's X token:

from typing import Annotated
 
import httpx
 
from arcade.sdk import ToolContext, tool
from arcade.sdk.auth import X
 
 
@tool(
    requires_auth=X(
        scopes=["tweet.read", "tweet.write", "users.read"],
    )
)
async def post_tweet(
    context: ToolContext,
    tweet_text: Annotated[str, "The text content of the tweet you want to post"],
) -> Annotated[str, "Success string and the URL of the tweet"]:
    """Post a tweet to X (Twitter)."""
    url = "https://api.x.com/2/tweets"
    headers = {
        "Authorization": f"Bearer {context.authorization.token}",
        "Content-Type": "application/json",
    }
    payload = {"text": tweet_text}
 
    async with httpx.AsyncClient() as client:
        response = await client.post(url, headers=headers, json=payload)
        response.raise_for_status()
 
        tweet_id = response.json()["data"]["id"]
        return f"Tweet with id {tweet_id} posted successfully. URL: https://x.com/x/status/{tweet_id}"