Help Understanding OAuth

asimonis01 · February 4, 2019, 5:19pm

Hey All -

I’ve been looking through these forums and the documentation the past few days, and I have what are probably some pretty dumb questions.

First off, I was calling the following to Authenticate a twitch user on my application - https://api.twitch.tv/kraken/oauth2/authorize?response_type=code&client_id=ID&redirect_uri=http://localhost

This works fine and returns the URL plus 2 parameters, Code & Scope. Am I supposed to do anything with these? What is the Code used for?

When a user is authenticated like that, how am I able to see their information (Name, Stream URL, Description etc) in my application?

If/when I do get that information, do I need to create a second username in my own database for them to log in with? Or is them logging in with twitch enough that they won’t need a log in for my own application? I’m struggling with understanding the relationship between Twitch API, Twitch Username, OAuth, and storing information in myDB through myAPP.

I’ve also had success calling POST https://id.twitch.tv/oauth2/token?client_id=ID&client_secret=SECRET&grant_type=client_credentials to get an access_token through postman, but I’m also having difficulty calling that in .NET code behind and storing the access token as well.

Any help here is appreciated - the high level stuff is what’s bugging me most, and understanding how to move forward.

Thanks!!!

BarryCarlyon · February 4, 2019, 6:07pm

This gives you a Server Token, which is only useful to give you a higher request rate for non user API requests.

You take the code and perform step three of the oAuth dance, you exchange the code for an access token, as documented:

3) On your server, get an access token by making this request:

POST https://id.twitch.tv/oauth2/token
    ?client_id=<your client ID>
    &client_secret=<your client secret>
    &code=<authorization code received above>
    &grant_type=authorization_code
    &redirect_uri=<your registered redirect URI>

After obtainin an access token via step 3 of hte oAuth dance you can make an authenticated request to

https://api.twitch.tv/helix/users

as documented:

Thats entirely up to you and how you wish to handle oAuth/third party service logins/session management.

Topic		Replies	Views
Query string with "Login with twitch" API	3	1338	June 8, 2018
How to obtain OAUTH for our app users? Chat and IRC	7	6020	July 13, 2018
App authentication on order to get access_token API	7	4289	November 23, 2016
Basic Twitch Connect OAuth Help API	10	13400	May 15, 2016
I want to know how i get the access token API	7	3613	July 12, 2020

Help Understanding OAuth

Related topics