Hello guys,
Create an app get client_id and client_secret
Get a CODE using https://id.twitch.tv/oauth2/authorize , redirect to localhost set scope to moderation:read.
Copy the CODE and use it to generate an ACESS_TOKEN using https://id.twitch.tv/oauth2/token
Copy the ACESS_TOKEN and try to use it to Check AutoMod Status here https://api.twitch.tv/helix/moderation/enforcements/status
I get
{
"error": "Forbidden",
"status": 403,
"message": ""
}
Can you please tell me what am I doing wrong?
You did call this API with a token from the broadcaster
as per Reference | Twitch Developers
Provided broadcaster_id must match the user_id in the auth token.
So do do a “check” on Ninja’s channel you need a token from Ninja
I’m guessing you mean the second step “Get a CODE using https://id.twitch.tv/oauth2/authorize ” where a manual action is needed to grant permission. Here I just allow it for my channel which is the same as braodcaster_id
Can you show the full request you are making to the status API (with token redacted)
I do not quite understand what you mean, sorry
I don’t have any code yet, I’m just using a REST client
Step 1:
GET https://id.twitch.tv/oauth2/authorize
?client_id=<client_id>
&redirect_uri=http://localhost
&response_type=code
&scope=moderation:read
Step 2:
POST https://id.twitch.tv/oauth2/token
?client_id=<client_id>
&client_secret=<client_secret>
&code=<code>
&grant_type=authorization_code
&redirect_uri=http://localhost
Step 3:
POST https://api.twitch.tv/helix/moderation/enforcements/status?broadcaster_id=<broadcaster_id> HTTP/1.1
Authorization: Bearer <access_token>
Client-id: <client_id>
Content-Type: application/json
{
"data": [
{
"msg_id": "someid",
"msg_text": "there was a time",
"user_id": "some_user_id"
}
]
}
Looks like it’s broken.
if I call with a “incorrect” broadcaster_id I get a 403
Reporting issue now
This means I have the wrong broadcaster_id ? I put my twitch username there. I tried with the numerical ID but still “Forbidden”.
All I can tell you is that it’s completely broken.
Added my findings to
opened 03:28PM - 25 Nov 21 UTC
closed 12:37PM - 28 Nov 21 UTC
product: api
**Brief description**
Currently `Check AutoMod Status` is broken.
It eithe… r returns
My token, correct scope, wrong broadcaster_id
`https://api.twitch.tv/helix/moderation/enforcements/status?broadcaster_id=26610234`
```
{
"error": "Forbidden",
"status": 403,
"message": ""
}
```
My token, correct scope, correct broadcaster_id
`https://api.twitch.tv/helix/moderation/enforcements/status?broadcaster_id=15185913`
```
{
"error": "Internal Server Error",
"status": 500,
"message": ""
}
```
**How to reproduce**
Post to
`https://api.twitch.tv/helix/moderation/enforcements/status`
with body as follows, or the example from the docs.
```
{
"data": [
{
"msg_id": "123",
"msg_text": "Hello World!"
},
{
"msg_id": "393",
"msg_text": "Boooooo!"
}
]
}
```
**Expected behavior**
Correct error message when the user_id in the token is not the user_id in the query string
Correct response when using the right data reporting enforcement values, not an error
**Additional context or questions**
Original report
https://discuss.dev.twitch.tv/t/keep-getting-forbidden-status-trying-to-call-the-api/34972/
Also, the example for Check AutoMod Status in the docs does not include a broadcaster_id: Reference | Twitch Developers . Just sayin’
Is some_user_id a real user ID if it’s not then you get an unexpected result (500)
If broadcaster_id in the URL doesn’t match the user ID in the token you get a 403.
So we need to debug your issue further
Yes, the some_user_id is a real id, and the broadcaster_id is the one who allowed the code generation at step 2.
Then I’m not sure why it’s not working for you.
I retested the API with real data and it’s working fine for me. My initial mistake was using the user ID from the example in the docs which is a dead user
If I run
using broadcaster_id or 15185913
{
"data": [
{
"msg_id": "cat",
"msg_text": "Hello World!",
"user_id": "15185913"
},
{
"msg_id": "393",
"msg_text": "Boooooo!",
"user_id": "15185913"
}
]
}
I get the expeceted result
{
"data": [
{
"msg_id": "cat",
"is_permitted": true
},
{
"msg_id": "393",
"is_permitted": true
}
]
}
My tokens validate output
Using https://barrycarlyon.github.io/twitch_misc/examples/token_checker/ to check
So all I can see is it’s working as expected here
So we need to work thru your steps further.
This being my rest clients (insomnia) test output.
Ok, I tested, and it worked for me also. The problem was that I didn’t use a numerical “user_id” and “broadcaster_id”. I thought that user_id refers to the author of the message, not the broadcaster.
Yeah that’ll do it
Err it does, you just have to use the ID of the user not the users login.
The screenshots I used above are a bad example as I used my own ID in both.
You want to test that a message of Hello World! from noylraCyrraB that is to be tested against the AutoMod on channel barrycarlyon
The URL is
https://api.twitch.tv/helix/moderation/enforcements/status?broadcaster_id=15185913
And the headers contain a token for 15185913
And the JSON POST body is
{
"data": [
{
"msg_id": "cat",
"msg_text": "Hello World!",
"user_id": "61788418"
}
}
As a message from the broadcaster in the broadcasters own channel will always pass automod.
Thanks a lot man! It works like a charm
Thanks man! I guess I’ll just follow the issue
