Twitter is committed to ensuring the security and privacy of our users, services, and our developers.
Since the removal of SSL support in 2014, the Twitter API has required a minimum of TLS 1.0 for all incoming connections. Both TLS 1.0 and 1.1 are now significantly outdated, having been superseded by TLS 1.2 in 2008.
Beginning July 15th 2019, all connections to the Twitter API (and all other Twitter domains) will require TLS 1.2. This change will affect all formats and tiers of the API (REST, streaming, and webhooks; standard, premium, enterprise, and Ads and Media APIs), as well as the wider Twitter platform.
What should I do now?
We recommend reviewing ALL code that connects to the Twitter API, and validating that it uses libraries that support modern, secure encryption standards. Specifically, you must ensure that your code correctly negotiates a TLS 1.2 connection to api.twitter.com and associated domains.