I’ve been trying to learn through the Twitch API docs the last few days, and I’ve hit a point where I’m struggling to retrieve a list of moderators. I’m getting a 401 / Unauthorized error, with an invalid oauth token error… I’ve tried both of the user access tokens, but I did notice on the docs it mentions:
" broadcaster_id must match the user_id in the auth token. 1"
So does this mean that this GET request is limited to the broadcaster themselves, or is there a way to GET the broadcaster ID? If I wanted to get a list of Shroud’s mods… I wouldn’t have to have some sort of access ID from him would I?
Just to add, I have my Client-ID and Authorization headers, and I’ve been using postman to learn.
If you wanted to get a list of Shourd’s mods, you would need Shroud to go through your apps OAuth flow, with the moderation:read scope, to grant you an access token that you can use to get the list of mods for his channel.
It’s the same for endpoints such as Get Broadcaster Subscriptions, you need the broadcaster themselves to grant you access to that data, you can’t use a token from your channel to access someone elses data that’s behind a scope.
Ah okay, so if I wanted to have a web app that had access to that sort of thing, I could create a form where they put their ID and I do the rest in the script?
I guess I could just make some mods and my own channel and then try it that way. How long does the access token last?
So I set up a new twitch account to try and do this request on my own moderators, and I’m still receiving:
"error": "Unauthorized",
"status": 401,
"message": "Insufficient authorization in token"
I logged into my account, registered a new app, and sent this to get my Oauth token (I tried both implicit, and authorizatoin code flows), the request I sent was:
Again the client ID and authorization are not the actual ones. If there’s anything I’m missing or more information please let me know, I really appreciate the active people on the twitch dev forums, there’s so much info and so much to learn!
client ID’s are public, there is no need to redact your clientID.
Did the oAuth prompt state that you were asking for the moderator read scope?
Here you seem not have URL encoded the redirect_uri and might have got an unexpected result
You can call Authentication | Twitch Developers to check if the token has the needed scopes, is of type user, and has the user_id 454325344
Your postman call looks to have a bunch of extra headers, including cookies.
If that cookie is a Twitch cookie that might be interferring with the request. You are sending way more headers than is normal for an API call. Unlikely to be a problem but worth it to rule out.