Getting authorization token within url fragment

So today i tried to “connect” to twitch api with php but now im stuck on that authorization token is in the url fragment and i dont know how to get it


Code: <?php

use NewTwitchApi\HelixGuzzleClient;
use NewTwitchApi\NewTwitchApi;

require 'vendor/autoload.php';

$urlGen = new urlGen();

echo '<a href="'.$urlGen->generateURL().'">Authenticate Me</a><br/>';

    echo "error: " . $_GET['error'] . "<br>";
        echo "error description: " . $_GET['error_description'] . "<br>";
    echo "code not set" . "<br>";

$conf = new Config();
$accessToken = $_GET['access_token'];


// The Guzzle client used can be the included `HelixGuzzleClient` class, for convenience.
// You can also use a mock, fake, or other double for testing, of course.
$helixGuzzleClient = new HelixGuzzleClient($conf->getClientId());

// Instantiate twitchApi. Can be done in a service layer and injected as well.
$newTwitchApi = new NewTwitchApi($helixGuzzleClient, $conf->getClientId(), $conf->getClientSecret());

try {
    // Make the API call. A ResponseInterface object is returned.
    $response = $newTwitchApi->getUsersApi()->getUserByAccessToken($accessToken);

    // Get and decode the actual content sent by Twitch.
    $responseContent = json_decode($response->getBody()->getContents());

    // Return the first (or only) user.
    $user = $responseContent->data[0];
} catch (GuzzleException $e) {
    // Handle error appropriately for your application
    exit("error occured");


For PHP you really should not be using implicit auth. As a “server” cannot see the URL Fragment. Implicit auth is intended to be used for apps that don’t have a server.

You should use something like

  1. Redirect to Twitch
  2. They come back with a code
  3. Exchange the code for an access token
  4. ???
  5. Profit

ok and can you give me some suggestion on how to exchange the code for an acces token

Ok thanks I got it working somehow but now I want to ask if I can reuse the south token or the authorization code so the user can walk through the process just once

The south token? What is “south token”?

The ?code= is valid for one exchange to an access token.

Then you may store and use the access token (and it’s refresh token)
You can use the refresh token to generate a new token if/when the access token expires.

Ok thanks for help(sorry for the south token I was writing from phone )

nvm i run into another problem the api im using doesnt support getting subscribers so how can i get the data from user acces token(or how to do the request) and how can i check if user has sub somewhere

To get subscriptions status, requires an oAuth token from the broadcaster, with the relevant scopes attached

So if you want to see if I am subscribed to CohhCarnage and/or Lirik, you need

  • A token from CohhCarnage
  • A token from Lirik
  • My userID, (usually got from asking me to login to your site)

So you need user access tokens from the broadcaster you want to lookup against. A “privileged” access token is generated the same way as you would a “non privileged” token.

A more lengthy answer to the same question is on Check if user is subscriber - API - Twitch Developer Forums

ok and is it possible to check larger volume of people something like 100 - 300

The first parameter defines the page size

Then you will get a pagination cursor value

use that with the after parameter to navigate pages of results


  1. what is the broadcaster id is it the id i get with email name etc.
    2.when im getting subscribers max number in request is 100 so i need to send multiple requests?
  1. You can use the token with the users endpoint to get the users ID. A user is also a broadcaster. different works are used to describe with endpoints that deal with more than one users

  2. Yes, load a page, get the cursor, load the next page. Repeat till no more cursor

Is it somehow possible to get the “sub streak”(the think you got next to name in chat) i want to filter only subscribers with something like 2 months streak for example

“Tenure data” is not in the Helix (or kraken) APIs

You can only “capture” it from Twitch chat when a user shares their sub in chat

See also

Then what are the dates you get when you request subscriber/s

The date of the last no gap in the subscriber payments.

So it doesn’t even represent the current streak

So If I understand it correctly someone buys sub somewhere on 1.1 the he will pass one month and sub again on 3.3 and that’s the date I’ve got and it will be the same till another resub

Buy one month
Take a break
Buy another month

The date will be set to the third month

Buy one month, don’t auto renew
Buy another month when the first month dies

The date will be set to the second month
It’s also possible the the date won’t change in this scenario

Basically the created_at in kraken is useless for tracking subsriber duration

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.