I’m building a chatbot that uses Twitch OAuth for authentication. The OAuth flow itself works 100% — I’m getting back the access_token, email, and display_name without issues.
However, when I fetch user info from the Twitch API (https://api.twitch.tv/helix/users), the login field (which should contain the Twitch username) is always null. So even though I can save the other user data and generate the JWT just fine, the login value is missing, and it ends up as null in the JWT payload. Not sure why just this one field isn’t coming through.
Whats the UserID you are looking up?
Or if doing a token to user lookup is the userID populated in the call?
So if you drop the token into a test tool such as Token Checker | Twitch API Example
you should get something like: (but with the email if the email scope is on the token)
What JWT twitch oAuth doesn’t JWT? Unless we are talking OIDC which is a different kettle of fish
I’m not 100% sure you are doing here in order to suggest a solution
I’m using the standard Twitch OAuth2 flow (not OIDC). After a successful login, I exchange the code for an access token, then call https://api.twitch.tv/helix/users using that token to retrieve the user’s Twitch data.
That call returns all expected fields properly, including:
- id: 795119794
- login: acelightninggaming
- display_name: AceLightningGaming
[Admin:ImageRemovedAsContainedNonHiddenEmail]
So the Twitch API is working fine, and login is definitely returned in the response. But when I generate a JWT server-side using jsonwebtoken, login ends up as null inside the JWT payload.
I are not using OIDC or JWTs from Twitch. I generate my own JWT after saving the user to MongoDB. So now I’m just trying to figure out why login is lost in that step. Appreciate any ideas or debugging suggestions!
Then the fault is in your code. Not in the API responses.
jsonwebtoken will take an object passed to it, so the object passed to it is not correctly constructed, but this will be in your code. So we’ll need to debug that
Here’s the relevant portion of the backend code:
- I fetch the Twitch user using the access token from helix.
const twitchUser = userRes.data.data[0];
console.log(“Twitch user fetched:”, twitchUser);
const email = twitchUser.email;
const name = twitchUser.display_name;
const login = twitchUser.login; // ← this is coming in as null
const channelID = twitchUser.id;
2. Just before creating the JWT, I log:
console.log("About to sign JWT with:", {
email,
name,
platforms: {
twitch: {
accessToken: access_token,
login,
channelID,
},
},
});
The console shows login: null, but display_name and email are fine. This suggests the login field is getting lost or not set correctly. But I’ve confirmed the Twitch API is returning a valid login value like acelightninggaming.
Do you spot anything odd or have any suspicions? Is there anything specific you want to look at?
Theres nothing obviously wrong in the presented code snippets.
simple test:
let access_token = 'redacted';
var jwt = require('jsonwebtoken');
async function go() {
let req = await fetch(
'https://api.twitch.tv/helix/users',
{
method: 'get',
headers: {
'Client-ID': 'NotRelevant',
'Authorization': `Bearer ${access_token}`
}
}
);
let { data } = await req.json();
let twitchUser = data[0];
const email = twitchUser.email;
const name = twitchUser.display_name;
const login = twitchUser.login; // ← this is coming in as null
const channelID = twitchUser.id;
let s = jwt.sign({
email,
name,
platforms: {
twitch: {
accessToken: access_token,
login,
channelID,
},
},
}, 'secret', { expiresIn: '1h' });
console.log(s);
}
go();
has no email as my test token lacked the email scope
