Cannot debug Vine and Twitter API via Charles debug proxy while Facebook, Flickr and any other API can be

I am trying to debug the Vine API using Charles debug proxy. I have an iOS version of the Vine app running on my device and I have set the Wi-Fi proxy.

I could debug API calls from all other applications by enabling SSL proxying. But SSL proxying is not working for Vine (api.vine.com). I tried the Twitter, Facebook and Flickr apps. I could debug the Facebook and Flickr APIs and could see the JSON response, but for Twitter this fails.

As Vine is owned by Twitter, my doubt is whether Twitter has implemented some security in their APIs or changed some protocols to ensure that the APIs cannot be debugged. If that is the case, why has Facebook not implemented the same? Their APIs can be easily debugged.

Please find screenshots attached.

[Screenshot: Vine API. Vine API cannot be read by proxy. API succeeds and data is shown in app]

[Screenshot: Flickr API]

[Screenshot: Facebook API]

[Screenshot: Twitter API]

UPDATE: Jul 22, 2015

It seems that Twitter is using SSL pinning.

asked Oct 19 '22 11:10

arundevma


1 Answer

At last I found the reason. Twitter is using SSL pinning in their app to secure their APIs from man-in-the-middle attacks. There is a hint about this in their API documentation.

More information about pinning can be found here.

answered Oct 30 '22 03:10

arundevma
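
The check a pinned client performs on top of ordinary certificate validation, as an added example that is not part of the original answer and is not Twitter's code. It assumes the app pins the SHA-256 of the whole server certificate; the function names and the two certificate byte strings are hypothetical, constructed stand-ins.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER certificates (not real certificate data).
GENUINE_CERT = b"constructed: DER bytes of the API server's real certificate"
PROXY_CERT = b"constructed: DER bytes of the certificate a debug proxy mints"


class PinMismatch(Exception):
    """Chain validated, but the server certificate is not the pinned one."""


def cert_fingerprint(der_cert: bytes) -> str:
    """Hex SHA-256 of the DER certificate, the value shipped inside the app."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pins: frozenset) -> bool:
    """True only if the presented certificate hashes to one of the pins."""
    fp = cert_fingerprint(der_cert)
    return any(hmac.compare_digest(fp, pin) for pin in pins)


def open_pinned(host: str, pins: frozenset, port: int = 443) -> ssl.SSLSocket:
    """Connect with normal trust-store validation, then enforce the pin."""
    ctx = ssl.create_default_context()  # chain and hostname checks still apply
    raw = socket.create_connection((host, port), timeout=10)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    # A proxy root installed on the device passes the step above;
    # the certificate it minted still does not hash to a pinned value.
    if not pin_matches(tls.getpeercert(binary_form=True), pins):
        tls.close()
        raise PinMismatch(f"unexpected certificate for {host}")
    return tls


PINS = frozenset({cert_fingerprint(GENUINE_CERT)})

if __name__ == "__main__":
    print("genuine server:", pin_matches(GENUINE_CERT, PINS))
    print("proxy-minted cert:", pin_matches(PROXY_CERT, PINS))
```

Apps that rely only on the device trust store skip the pin step, which is why their traffic is readable once the proxy's root certificate is installed.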