How it works
When you connect X, Postezi:- Asks for your 4 X developer credentials
- Verifies them immediately by calling the X API
- Stores them encrypted at rest (AES-256-GCM)
- Uses them to sign requests on your behalf whenever you publish a post to X
Before you start
You need a free X developer account. Go to developer.x.com and sign in with your X account. Free accounts include enough API access for publishing posts.Step-by-step setup
Create a developer account
Go to developer.x.com and click Sign up. Use the same X account you want to publish from. Free tier is sufficient.
Create a Project and App
In the developer portal, click + Create Project. Give it a name (e.g. “Postezi”), select a use case (e.g. “Making a bot”), and create an App inside the project. The app name is only visible in your developer portal.
Set Read and Write permissions and fill in App info
Inside your App, go to Settings → User authentication settings. Under App permissions, select Read and Write.X will then ask you to fill in App info before saving. These fields are required by X to save the form, but none of them are used by Postezi. Postezi does not use any OAuth flow — you paste your Access Token directly, so no redirect ever happens.
Click Save.
| Field | What to enter |
|---|---|
| Callback URI / Redirect URL | Any valid https:// URL (e.g. your own website) |
| Website URL | Any valid https:// URL (e.g. your own website) |
| Organization name | Leave blank |
| Organization URL | Leave blank |
| Terms of Service | Leave blank |
| Privacy Policy | Leave blank |
Copy your credentials
Go to Keys and Tokens inside your App. You need all four values:
If you don’t see Access Token values, click Generate under Authentication Tokens. Make sure you generate them after setting Read and Write permissions.
| Credential | Where to find it |
|---|---|
| API Key (Consumer Key) | Keys and Tokens → API Key and Secret |
| API Secret (Consumer Secret) | Keys and Tokens → API Key and Secret |
| Access Token | Keys and Tokens → Authentication Tokens |
| Access Token Secret | Keys and Tokens → Authentication Tokens |
Paste into Postezi
In the Postezi dashboard, go to Accounts and click on the X (Twitter) card to expand it. Paste all four credentials into the fields and click Connect X account.Postezi verifies the credentials immediately. If they’re valid, your X handle appears as connected. If verification fails, double-check that you copied all four values correctly and that your app has Read and Write permissions.
X API pricing
X charges you directly on your developer account per published post. Postezi does not mark up or pass through any X API costs — you pay X directly. Current X API v2 pricing (Free tier):- Text posts: ~$0.015 per tweet
- Posts with URLs: ~$0.20 per tweet (URL enrichment is charged separately)
Postezi posts text-only to X at this time. Media uploads (images, video) are in development. Even without media, posts can include URLs that X will unfurl as cards.
Character limit
X has a 280 character limit per post. Postezi enforces this in the compose editor — the character counter turns red when you’re within 10 characters of the limit. Attempting to publish over 280 characters will be blocked. When AI-generated posts (from GitHub sources) are created for X, the LLM is instructed to stay within 280 characters.Disconnecting
To remove your X account from Postezi, go to Accounts, find the X card, and click Disconnect. Confirm the prompt. Disconnecting removes your stored credentials from Postezi. It does not delete your X developer app or revoke the app’s access — you can do that separately from developer.x.com if you want to fully revoke access.Troubleshooting
'Invalid credentials' error when connecting
'Invalid credentials' error when connecting
Double-check all four values are copied correctly with no extra spaces. The most common cause is copying the Access Token before enabling Read and Write permissions — in that case, generate a new Access Token after updating permissions and use the new values.
Publishing fails with a 403 error
Publishing fails with a 403 error
Your Access Token was generated before Read and Write permissions were set. Go to your X developer portal, update the app’s permissions to Read and Write, then regenerate the Access Token and reconnect in Postezi with the new credentials.
Publishing fails with a 401 error
Publishing fails with a 401 error
Your credentials may have been revoked or your app may have been suspended. Go to developer.x.com and check your app’s status. You can also regenerate your API Key and Access Token from Keys and Tokens, then reconnect in Postezi.
Post went through but I got charged unexpectedly
Post went through but I got charged unexpectedly
URL enrichment on X is billed separately from tweet creation. If your post included a URL, X may charge the URL rate (0.015). Check your usage at developer.x.com/en/portal/dashboard.