Error to create a Authorization code grant flow

Hey everyone,

I would like to create a Authorization to collect token and access the redemptions on channelpoints. But api return this
{ "status": 401, "message": "invalid csrf token" }

Probably i do a mistake somewhere, but i dont know where.
I created a request in Insomnia:

Can you help me, to solve this problem? Thanks.

Step 1 of oAuth is to redirect the user to Twitch.
Not to fetch the URL

Also: ClientID’s are public. So you censored it for no reason.

oAuth steps:

  1. User comes to your website
  2. User clicks link to login with Twitch
  3. User is taken to Twitch
  4. User accepts (or declines) the link between ClientID and their account
  5. If Accept they come back to your website with a ?code
  6. You exchange the ?code for an access and refresh token

You are getting an invaldi CSRF token as the security system is preventing you trying to do this wrong.

Here is an implict auth (not code auth which you want to use) example to demonstate the flow

OHHH ok i understand … Thanks BarryCarlyon. Thanks so much

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.