Bot Hound uses OAuth 2.0 to request only the specific permissions it needs. Here's exactly what we ask for and why.
Bot Hound requests a narrow set of permissions — just enough to identify your account so you can run a Bot Check. We cannot post tweets, send DMs, follow accounts, or change your profile. We do not ask for access to your followers list.
When you sign in with your 𝕏 (Twitter) account to run a Bot Check, Bot Hound requests these OAuth 2.0 scopes:
users.read — read your profile (to identify your account)tweet.read — read tweets (required by the API alongside users.read)That’s it — identity only. Because we don’t request offline access, we don’t receive a refresh token: our access ends when the short-lived access token expires.
A Bot Check analyzes the account you enter — its public profile, recent public tweets, and profile image. We fetch that public data from 𝕏 (directly or via a third-party 𝕏 data provider). We never access your followers, and the account you check does not need to be connected to Bot Hound.
Bot Hound does not have permission to perform any of the following:
Last updated: July 11, 2026