Every time I try to make a refresh token request, I’m getting either missing client_secret OR client_id. After browsing the whole discuss board I figure that I need to use Client-ID as well as change the old link.
Looking at your image the only other issue I can see is that you’re using the wrong URL. For refresh tokens you should be using https://id.twitch.tv/oauth2/token
Yeah, so that was the link issue at the end. However, I’m still getting 400 “Missing refresh token” when I don’t have a refresh token. I’m using this OAuth flow: https://dev.twitch.tv/docs/authentication/getting-tokens-oauth/#oauth-client-credentials-flow so I’m not provided with one. Unless I misunderstood, and server-to-server OAuth Token doesn’t have to be refreshed at all?
(Note that app access tokens and ID tokens cannot be refreshed.)
They still expire, but it’s an app access token, you can just get a new one. Client tokens have a refresh token because otherwise you’d have to send the user through the OAuth process all over again, so refresh tokens in that situation lets you refresh the client access token without having to involve the user, a problem app access tokens do not have.
Hmm not sure if I follow 100% (still learning), so let me re-phrase my question:
I have ‘static’ client_id and secret_id assigned to my account. They never change for my app (unless I forget my secret_id and need to create a new one. That’s understandable.
Because I want to increase my request limit from 30 to 120, I decided to get an Authorization Token (Bearer Token). Unfortunately, this token does not have a pre-assigned refresh token which I could use to run this request:
--data-urlencode
?grant_type=refresh_token
&refresh_token=<your refresh token> # I don't have this one
&client_id=<your client ID>
&client_secret=<your client secret>
Is there a way to refresh my Bearer Token then in a server-to-server API “integration” or should I simply request a new Bearer Token every time my old one expires?