Authorization code grant flow dropping parameters on login

Hello!

I’m having an issue with the authorization code grant flow dropping parameters on login.

When the user is already logged in to Twitch in the browser, it all works correctly.
However if the user is not logged in, after the login the url only contains the claims and every other parameter is lost.
I believe this started happening in the last month or so, with no change on my side.

I’ve tried to reduce the length of the nonce and state to check if I was hitting a max length limit, with no luck.

Here is a sample request (added new lines for readability)

https://id.twitch.tv/oauth2/authorize
?response_type=code
&client_id=<REDACTED>
&redirect_uri=https%3a%2f%2f<REDACTED>%2ftwitch-signin-oidc
&scope=openid+user%3aread%3asubscriptions
&claims=%7b%22userinfo%22%3a%7b%22picture%22%3anull%2c+%22preferred_username%22%3anull%7d%7d
&nonce=cnhW93Je7centKMGCLZAfi9BrO%2fUdx6Ott%2bPiPDAw5%2bSCOG1Y57SFen3XwuDz3TwauBojvIurK6FYpxjwkXeow%3d%3d
&state=cnhW93Je7centKMGCLZAfi9BrO%2fUdx6Ott%2bPiPDAw5%2bSCOG1Y57SFen3XwuDz3TwauBojvIurK6FYpxjwkXeow%3d%3d

and here is the url after the Twitch login prompt

https://id.twitch.tv/oauth2/authorize?claims=%7B%22userinfo%22:%7B%22picture%22:null,%20%22preferred_username%22:null%7D%7D

Any suggestion is welcome
Thank you!

What platform?

There is an open issue regarding android - Oauth ERROR on andorid · Issue #985 · twitchdev/issues · GitHub

yes, that is the same problem, on android with the integrated Telegram browser.
thanks for linking the issue

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.