I built a Telegram Twitter auto-poster — here's what OAuth 1.0a actually requires

I run a cybersecurity consulting firm. We publish a lot of content — threat intel, CVE summaries, analysis — first on a Telegram channel, then cross-posted to Twitter/X for reach. After the tenth time manually copying a post at 8am, I decided to automate it.

The result: a Python bot that reads a Telegram channel via the Bot API, filters for posts worth sharing, and pushes them to Twitter. It runs every 2 hours via cron. It's capped at 400 tweets per month to stay on the free API tier. At 3 tweets per run, that's exactly 360 per month — enough margin for reruns and edge cases.

Building it took maybe 4 hours. Debugging OAuth took 3 of those.

The deceptively simple problem

Twitter API v2 is the current API. It uses OAuth 2.0 Bearer tokens for read operations, and OAuth 1.0a for write operations (posting tweets). That's annoying but fine — I'd dealt with OAuth 1.0a before.

I built a Telegram Twitter auto-poster — here's what OAuth 1.0a actually requires

Related reading

Building A Telegram Bot-to-Bot Communication Showcase With TypeScript

Telegram Just Opened the Door for Agent-to-Agent Communication. Here's Why…

A Production Python Telegram Bot Was Crashing Every 2 Hours. The Fix Was 18…

I Built a Pay-Per-Call Crypto Signal API with x402 — Heres the Architecture

Building a Daily Google News API Monitor in Python

Twitter's former Trust and Safety head details the challenges facing…