Authorised application unable to send to channel because of missing scopes

I have a verified application/chatbot that I want to use to send a chat message to a channel. Currently we have an IRC chatbot performing operations, but we want to move across to eventsub/webhooks as a means of stability more than anything. We have subscriptions set up for streaming status updates, and subsequently webhooks to respond properly.

The user has authorised the application with the correct scopes (user:read:chat, user:write:chat, user:bot and channel:bot just to cover all bases) using authorization code grant flow. I then wish to use the Send Chat Message endpoint using the application access token so as to appear that the message is being sent from the application itself.

  • Authorization header is Bearer [app access token]
  • Sender ID is the user ID for the application
  • Broadcaster ID is the channel to send the messages to

Each time we try to send the message, we get the error

"The sender must have authorized the app with the user:write:chat and user:bot scopes."

It was mentioned elsewhere but it’s still not clear to me how this application is missing scopes when the user’s fully authed up. Validating the user access token confirms the right scopes are in place, so unless I misunderstand, I am able to use the application access token on this endpoint.

The API is being handled as server-to-server, and we’re going to be creating conduits / eventsubs for incoming message reading. I figure either I’m misreading how this endpoint is actioned (incorrect sender ID maybe?), or I need the subscription to be enabled as well as the correct scopes in order for the endpoint to work? In which case the error I’m receiving doesn’t pinpoint the underlying issue. Anywho, any help appreciated!

The user you are trying to send chat as the sender ID in your call.

You didn’t prior generate a user access token for sender ID with the stated scopes.

You can’t send messages as “an application”
Messages are sent as an actual user, so you need to authroizer the user in senderID to your clientID first