Hi, I’m super new to using the Twitch API so thanks in advance for your help. I have an EventSub for a couple of streamers. Several of my streamers have reported my application no longer works after they reset their passwords.
When I check the eventsub subscriptions for the streamers who reported the app not working I see that the subscriptions are in a “status”: “authorization_revoked”. I assume that’s because of the password change.
So my question is this, do I need the streamers to re-authorize my app every time they change their password? Or if I receive a Event Revocation (as described here EventSub | Twitch Developers) can I just have my code attempt to resubscribe?
Streamers are also warned prior to password change that it will revoke all connections.
No, you’ll get a 403 forbidden as the auth is dead.
Revoke means revoke. Permission is no longer granted.
If you attempt to resub immeditely you’ll get a 403 as permission is dead.
The streamer will need to reauthenticate.
Now creating on auth.grant that makes sense.
But on a revoke, you’r privledged access is gone.
So in summary:
user changes password
all tokens/access is revoke
you get a auth revoke
Nothing works for a while/unknown amount of time occurs/subs to priv data doesn’t work
Thanks @BarryCarlyon ! Follow-up question. If a user changes their password then re-auths my app. Will the existing subscription change from “status”: “authorization_revoked” to “status”: “enabled”? Or should I delete the eventsub for that streamer once I receive the eventsub revoke message and issue a new subscription call once they re-authorize the app?
You don’t need to do anything. Dead subs will “float about” in the list for about 10 days and self disappear
Not Active (ie: enabled) subscriptions (auth revoke/dead for another reason) don’t count to your active subscription count/don’t block subs being created
Just make subscriptions when they authenticate.
In some cases/applications I try to make subs everytime they auth and ride the 409 conflicts out
