Introduction
V2 Account Activity API
Overview
The Account Activity API (AAA) provides a way to receive real-time events related to X user accounts via webhooks. By subscribing specific user accounts to a pre-configured webhook, your application can be notified of various activities such as Posts, Direct Messages, Likes, Follows, Blocks, and more, from one or more of your owned or subscribed accounts through a single connection.
This API is commonly used to build applications that need to react instantly to user actions or maintain an up-to-date state based on user activity. You will receive all related activities below for each user subscription on your webhook registration:
Activity Types
- Posts (by user)
- Post deletes (by user)
- @mentions (of user)
- Replies (to or from user)
- Reposts (by user or of user)
- Quote Posts (by user or of user)
- Reposts of Quoted Posts (by user or of user)
- Likes (by user or of user)
- Follows (by user or of user)
- Unfollows (by user or of user)
- Blocks (by user or of user)
- Unblocks (by user or of user)
- Mutes (by user or of user)
- Unmutes (by user or of user)
- Direct Messages sent (by user)
- Direct Messages received (by user)
- Typing indicators (to user)
- Read receipts (to user)
- Subscription revokes (by user)
Note: We do not deliver home timeline data via the Account Activity API. Use the User Posts timeline by User ID endpoint to pull this data.
The returned Posts from Account Activity API count towards the monthly Post cap.
Feature Summary
| Tier | Pricing | Number of Unique Subscriptions | Number of Webhooks |
|---|---|---|---|
| Self-Serve Pro | $5000/mo | 1 | 1 |
| Enterprise | Contact sales | 5000+ | 5+ |
This document focuses on managing user subscriptions associated with your webhooks using v2 Account Activity API endpoints.
Manage Subscriptions
The Account Activity API provides webhook-based JSON messages any time there are events associated with X accounts subscribed to your service. X delivers those activities to your registered webhook. In the following steps, you will learn how to set up and manage subscriptions for user accounts.
1. Create an X App
Create an X app with an approved developer account from the developer portal. If creating the app on behalf of your company, use a corporate X account.
- Enable “Read, Write, and Access direct messages” on the permissions tab of your app page.
- On the “Keys and Access Tokens” tab, note your app’s Consumer Key (API Key), Consumer Token (API Secret), and Bearer Token.
- Generate your app’s Access Token and Access Token Secret. These are needed to subscribe to user accounts.
- Review Obtaining Access Tokens if unfamiliar with X Sign-in and user contexts.
- Note your app’s numeric ID from the “Apps” page in the developer portal. This is required when applying for Account Activity API access.
2. Get Account Activity API Access
The Account Activity API is available only on the Enterprise tier. Submit an application for Enterprise access via the developer portal.
3. Register a Webhook
To receive Account Activity events, you must register a webhook with a publicly accessible HTTPS URL. See the V2 Webhooks API documentation for details on developing a webhook consumer app, registering a webhook, securing it, and handling Challenge-Response Checks (CRC).
- Ensure your webhook is configured to handle POST requests with JSON-encoded event payloads.
- Obtain the webhook_id from the webhook registration response, as it is required for managing subscriptions.
4. Validate Setup
To validate that your app and webhook are configured correctly:
- Subscribe a user account to your webhook (see “Adding a Subscription” below).
- Favorite a Post posted by one of the X accounts your app is subscribed to.
- You should receive a favorite_events payload via a POST request to your webhook URL.
- Note: It may take up to 10 seconds for events to start being delivered after adding a subscription.
Important Notes
- Authentication: When subscribing users, use the consumer key, consumer secret, access token, and access token secret for the user’s account.
- Direct Messages: All incoming and outgoing Direct Messages (sent via POST /2/dm_conversations/with/:participant_id/messages) are delivered via webhooks to keep your app aware of all DM activity.
- Event Duplication:
- If two subscribed users are in the same DM conversation, your webhook receives duplicate events (one per user). Use the for_user_id field to distinguish them.
- If multiple apps share the same webhook URL and user, events are sent multiple times (once per app).
- Your app should deduplicate events using the event ID to handle occasional duplicates.
- Example Code: See the Account Activity API Setup for a web app that displays webhook events.
Managing Subscribed Users (v2 API)
Once you have a registered webhook with a valid webhook_id, you can manage user subscriptions to receive their account activities. Use the following endpoints to add, view, or remove subscriptions.
Adding a Subscription
Endpoint: POST /2/account_activity/webhooks/:webhook_id/subscriptions/all
Description: Subscribes the authenticating user to receive events via the specified webhook.
Authentication: OAuthUser (3-legged OAuth flow required, representing the user being subscribed).
- Consumer Key: e.g., xvz1evFS…
- Access Token: e.g., 370773112-GmHxMAgYyLbN…
Path Parameters:
| Parameter | Description |
|---|---|
| webhook_id | The ID of the webhook to associate the subscription with. |
Request:
bash
Responses:
- Success (200 OK):
- json
- Failure (400 Bad Request):
| Reason | Description |
|---|---|
| WebhookIdInvalid | The provided webhook_id was not found or is not associated with the app. |
| DuplicateSubscriptionFailed | A subscription for this user already exists for the specified webhook_id. |
| SubscriptionLimitExceeded | The application has reached its subscription limit across all webhooks. |
Checking a Subscription
Endpoint: GET /2/account_activity/webhooks/:webhook_id/subscriptions/all
Description: Checks if the authenticating user is subscribed to the specified webhook.
Authentication: OAuthUser (3-legged OAuth flow required).
Path Parameters:
| Parameter | Description |
|---|---|
| webhook_id | The ID of the webhook to check. |
Request:
bash
Responses:
- Success (200 OK):
- json
- Failure (400 Bad Request):
| Reason | Description |
|---|---|
| WebhookIdInvalid | The provided webhook_id was not found or is not associated with the app. |
Removing Subscriptions
Endpoint: DELETE /2/account_activity/webhooks/:webhook_id/subscriptions/:user_id/all
Description: Deactivates the subscription for a specific user ID, stopping event delivery to the webhook.
Authentication: OAuth2 App Only Bearer Token.
- Bearer Token: e.g., AAAAAAAAAAAA0%2EUifi76ZC9Ub0wn…
Path Parameters:
| Parameter | Description |
|---|---|
| webhook_id | The ID of the webhook containing the subscription. |
| user_id | The numerical ID of the user to unsubscribe. |
Request:
bash
Responses:
- Success (200 OK):
- json
- Failure (400 Bad Request):
| Reason | Description |
|---|---|
| SubscriptionNotFound | No subscription exists for the specified user_id on the given webhook_id. |
| WebhookIdInvalid | The provided webhook_id was not found or is not associated with the app. |
Viewing all Subscriptions
Endpoint: GET /2/account_activity/webhooks/:webhook_id/subscriptions/all/list
Description: Retrieves a list of all user IDs currently subscribed to the specified webhook.
Authentication: OAuth2 App Only Bearer Token.
Path Parameters:
| Parameter | Description |
|---|---|
| webhook_id | The ID of the webhook to list subscriptions for. |
Request:
bash
Responses:
- Success (200 OK):
- json
- Failure (400 Bad Request):
| Reason | Description |
|---|---|
| WebhookIdInvalid | The provided webhook_id was not found or is not associated with the app. |
Subscriptions Count
Endpoint: GET /2/account_activity/subscriptions/count
Description: Returns the total count of active subscriptions and the provisioned limit for the authenticating application.
Authentication: OAuth2 App Only Bearer Token.
Request:
bash
Responses:
- Success (200 OK):
- json
Replay
AAAv2 provides replay functionality that allows you to retrieve past events for a specified time range and re-deliver them to your webhook. This is useful for recovering missed events due to downtime.
Endpoint: POST /2/account_activity/replay/webhooks/:webhook_id/subscriptions/all
Description: Initiates a replay job
Authentication: OAuth2 App Only Bearer Token
Path Parameters:
| Parameter | Description |
|---|---|
| webhook_id | The ID of the webhook to begin replay |
Query Parameters:
| Parameter | Description |
|---|---|
| from_date | The oldest (starting) UTC timestamp from which the events will be provided, must be in ‘yyyymmddhhmm’ format. Timestamp is in minute granularity and is inclusive (i.e. 12:00 includes the 00 minute). Valid times must be within the last 24 hours, UTC time, and no more recent than 31 minutes before the current point in time. It’s recommended that the from_date and to_date should be within ~2 hours. |
| to_date | The latest (ending) UTC timestamp to which the event will be provided, must be in ‘yyyymmddhhmm’ format. Timestamp is in minute granularity and is exclusive (i.e. 12:30 does not include the 30th minute of the hour). Valid times must be within the last 24 hours, UTC time, and no more than 10 minutes before the current point in time. |
Responses:
Success:
Failures:
| Reason | Description |
|---|---|
| QueryParamInvalid | from_date is older than 24 hours from the current time. |
| QueryParamInvalid | from_date is more recent than to_date. |
| QueryParamInvalid | from_date is in the future. |
| QueryParamInvalid | to_date is in the future. |
| QueryParamInvalid | from_date or to_date is not in the correct format. |
| CrcValidationFailed | Incorrect response received from the webhook URL during CRC validation. |
| ReplayConflictError | A replay job is already in progress for the specified webhook. |
| WebhookIdInvalid | The provided webhook_id is invalid or not associated with the app. |
Job Completed Messages
Once your replay job successfully completes, X will deliver the following job completion event. Once you receive this event, the job has finished running and another can be submitted.
In the event your job does not complete successfully, we will return the following message encouraging you to retry your Replay Job. Once you receive this event, the job has finished running and another can be submitted.
Account Activity Data Object Structure
| Object | Details |
|---|---|
| for_user_id | Identifies the user subscription that the event is related to. |
| is_blocked_by | (Conditional) Shown only for Post mention events if the mentioning user is blocked by the subscribed user. |
| source | The user performing the activity (e.g., the user following, blocking, or muting). |
| target | The user the activity applies to (e.g., the user being followed, blocked, or muted). |
Available Activities
| Message Type | Details |
|---|---|
| tweet_create_events | Post status for Posts, Retweets, Replies, @mentions , Quote Tweets, or Retweet of Quote Tweets. |
| favorite_events | Like event with user and target. |
| follow_events | Follow event with user and target. |
| unfollow_events | Unfollow event with user and target. |
| block_events | Block event with user and target. |
| unblock_events | Unblock event with user and target. |
| mute_events | Mute event with user and target. |
| unmute_events | Unmute event with user and target. |
| user_event | Revoke events when a user removes app authorization (subscription auto-deleted). |
| direct_message_events | DM status for sent or received messages. |
| direct_message_indicate_typing_events | DM typing event with user and target. |
| direct_message_mark_read_events | DM read event with user and target. |
| tweet_delete_events | Notice of deleted Posts for compliance. |
| spaces_events | Not currently supported. Coming soon. |
Payload Examples
Below are example payloads for each Account Activity event.
tweet_create_events (Posts, Retweets, Replies, QuoteTweets)
tweet_create_events (@mentions)
favorite_events
follow_events
unfollow_events
block_events
unblock_events
mute_events
unmute_events
user_event
direct_message_events
direct_message_indicate_typing_events
direct_message_mark_read_events
tweet_delete_events
Support for Longform Posts
The V2 Account Activity API now supports longform posts, which are posts exceeding 280 characters. When a longform post is included in a tweet_create_events payload, the text field contains the first 140 characters (or fewer), and the truncated field is set to true. The full post content is delivered in the extended_tweet object, which includes:
- full_text: The complete text of the post, including all characters beyond the 280-character limit.
- entities: Any entities (e.g., hashtags, URLs, user mentions, symbols) appearing in the full text, including those after the 280th character.
- display_text_range: The range of characters to display, accounting for the full text.
This ensures that applications can process the entire content of longform posts, including mentions or other entities that appear later in the text. Below is an example of a tweet_create_events payload for a longform post:
Account Activity API Migrating from Legacy Enterprise to v2
See our Migration Guide!
Frequently Asked Questions
What are the advantages of using the Account Activity API?
The Account Activity API uses webhooks, delivering data in real-time without requiring an open connection (unlike streaming APIs) or frequent polling (unlike REST APIs). Benefits include:
- Speed: Delivers data at the speed of X.
- Simplicity: Provides all account events through a single webhook connection, including Posts, @mentions, Replies, Reposts, Quote Tweets, Likes, DMs, Follows, Blocks, and Mutes.
- Scale: Supports all activities for managed accounts without rate limits or event caps (Enterprise tier).
I need development, staging, and production environments for Account Activity API, is this possible?
Yes! Tou can register multiple webhook URLs and manage subscriptions separately via the V2 Webhooks API.
Do you have any step-by-step guides on how to get set up with the Account Activity API?
Yes! See the Getting Started with Webhooks guide and the Account Activity API Sample Application.
What authentication do I have to use with the Account Activity API?
Authentication requirements are specified per endpoint. Review the Authentication section for details.
Will I get duplicate activities if subscribed to users that are interacting with each other?
Yes. If your app has subscriptions for User A and User B, and User A mentions User B in a Post, your webhook receives two events (one per user). Use the for_user_id field to identify the subscription.
When I make a subscription to my webhook, can I replace the /all/ portion of the endpoint with other account activity data objects to limit the activities delivered?
No. The /all/ product is the only option, delivering all supported event types.
If I have access to three webhooks, can I use three webhooks for each of the apps that I have registered for enterprise use?
The webhook limit is set at the account level, not per app. For example, with three webhooks and two apps, you could use two webhooks for one app and one for the other, but not three per app.
Account Activity API Reference Index
| Purpose | V2 Endpoint |
|---|---|
| Subscribes an application to an account’s events | POST /2/account_activity/webhooks/:webhook_id/subscriptions/all |
| Returns a count of currently active subscriptions | GET /2/account_activity/subscriptions/count |
| Checks if a webhook is subscribed to an account | GET /2/account_activity/webhooks/:webhook_id/subscriptions/all |
| Returns a list of currently active subscriptions | GET /2/account_activity/webhooks/:webhook_id/subscriptions/all/list |
| Deactivates a subscription using app-only OAuth | DELETE /2/account_activity/webhooks/:webhook_id/subscriptions/:user_id/all |
| Creates a replay job | POST /2/account_activity/replay/webhooks/:webhook_id/subscriptions/all |
For webhook management endpoints (register, view, validate, delete), see the V2 Webhooks API documentation