Invalid OAuth token

I am having trouble requesting user data.
{‘error’: ‘Unauthorized’, ‘status’: 401, ‘message’: ‘Invalid OAuth token’}

Steps to reproduce:

  1. Register application:

  2. Get a app access token
    with these parameters:
    “client_id”: myid,
    “client_secret”: mysecret,
    “grant_type”: “client_credentials”,
    “scope”: (" ".join(scope))

  3. Request userdata via login name
    with parameters:
    “login”: login
    with headers:
    “Client-ID”: myid,
    “Authorization”: Bearer myappaccesstoken

  4. Print token in json format for debugging
    {‘error’: ‘Unauthorized’, ‘status’: 401, ‘message’: ‘Invalid OAuth token’}

Thanks in advance!

For 3 what was the actual URL you called.

It’s unclear from what you wrote if you did

or something else

As your entire flow is correct it’s just unclear what you actually called

and concatenating the login parameter via HTTP library

So what is the actual URL you are calling?

Is your code doing

r = requests.get('')

or something else?

Your error suggests that the login is not being passed correctly and as a result the oAuth token is being used to look up the user, but the token doesn’t have a user, hence the error

Here is a code snippet from function

this is defined
self.url =

get_userdata_by_login(self, login)

value = HTTPManager.request(


                url=self.url + "/users",

                params={"login": login},


                    "Client-ID": self.client_auth.client_id,

                    "Authorization": f"{self.authorization_prefix} {self.access_token_manager.access_token}"


which calls:








is authorization_prefix Bearer or bearer as bearer won’t work

self.authorization_prefix = “Bearer”

I don’t see anything else obvious, assuming this code generates the URL we think it does.

So we’d have to debug to make sure it’s constructing the URL we think it is.

Which brings us back to the first question

What did the code generate to call?

And, did it construct the header as expected?

The url has login name of my application name:

The issue seems to between getting the token and then using it.

I get an access token
{‘access_token’: ‘REMOVED’, ‘expires_in’: 5327322, ‘token_type’: ‘bearer’}
but after that the access token isn’t passed to the twitch api request
{‘Client-ID’: myid, ‘Authorization’: ‘Bearer None’}

Removed your access token, they should never be posted publicly

So the fault is in your code somewhere since it doesn’t have access to the token?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.