I'm having trouble showing an ad using API

Andrei_Coelho · July 22, 2023, 10:23pm

Hello! I’m asking this question because I got stuck on this problem and I’m not sure how to solve it.

I get the Type Barer token using the route: ‘https://id.twitch.tv/oauth2/token’, which returns me:

{
  access_token: 'dummy_token_1',
  expires_in: 5034336,
  token_type: 'bearer'
}

With this token I retrieve the id using the route https://api.twitch.tv/helix/users?login=jaguaronfire, which would be the same as the broadcaster_id, right?:

{
  data: [
    {
      id: '999999999', // <-- this guy
      login: 'jaguaronfire',
      display_name: 'jaguaronfire',
      type: '',
      broadcaster_type: 'affiliate',
      description: '',
      profile_image_url: '',
      offline_image_url: '',
      view_count: 0,
      created_at: '2023-07-03T21:40:14Z'
    }
  ]
}

With this information, having make the channel show a commercial:

const resp = await fetch('https://api.twitch.tv/helix/channels/commercial', {
        method:"POST",
        headers:{
            Authorization:'Bearer dummy_token_1',
            "Client-Id":"my_client_id",
            "Content-Type":"application/json"
        },
        body:JSON.stringify({
            broadcaster_id:"99999999",
            length:30
        })
})

However, I receive the following message:

{
  error: 'Unauthorized',
  status: 401,
  message: "The ID in broadcaster_id must match the user ID found in the request's OAuth token."
}

What should I have done to get the id correctly? I’m not understanding this.

Just for observation:

The application was created within the channel account I’m trying to access.

Dist · July 23, 2023, 8:04am

Ensure you’re getting the correct type of token. If you’re using the Client Credentials flow this will generate an App token, which does not represent a user and so can not have scopes on it and can not use endpoints that require scopes (there are some exceptions but they are not important here).

If you’re doing this server-side, you’ll likely want to use the Authorization Code flow, or if you’re doing this client-side the Implicit flow. Make sure to also request the channel:edit:commercial scope as that’s required to start a commercial.

You can verify this is the correct token by using the Validate Token endpoint. If it is a User token you’ll see the user id and the scopes among other things. If you’ve generated an App token the validate endpoint will not return any user id and so will not work for what you’re trying to do.

Andrei_Coelho · July 23, 2023, 4:42pm

That’s exactly it!

{
  client_id: 'client_id_here',
  scopes: null, // <---
  expires_in: 4709459
}

But how do I get a user token? I didn’t find it in the documentation!

BarryCarlyon · July 23, 2023, 4:42pm

is the “normally used” user token flow

Andrei_Coelho · July 23, 2023, 5:08pm

If I understood correctly, I need to use one of the four alternatives below, right?

And they all just return the token in the uri redirect_uri, is that it?

I’m doing this on the server side.

BarryCarlyon · July 23, 2023, 5:10pm

If you use implicit you’ll get a #access_token=asdasdasd
if you use Authorization Code flow you’ll get a ?code=asdasd and you exchange the ?code for an access and refresh token

For your use case you generally would not use OIDC

You would generally use oAuth Authorization Code Grant Flow to get a refresh token so you don’t need to get a new token periodicially.

Andrei_Coelho · July 23, 2023, 5:11pm

ahhh ok! I understand now! Thanks!

system · August 22, 2023, 5:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.