Keep getting missing client_secret when using Twitch API (OIDC Authorization Code Flow)

I am trying to use Twitchtv API to get online users. I am just at the very first step. I have registered an application and got Client ID. I use OIDC Authorization Code Flow to authenticate my registered redirect URI.

I put the below URL in the web browser to get code:

Then I extract code from Redirect URI.

Then I put the below code into Mac Terminal: curl -X POST

But instead of getting a JSON response with access token, refresh token (etc.) information, I get {“error”:“Bad Request”,“status”:400,“message”:“Missing required parameter “client_secret””}

I have been struggling this for two days…I also tried OAuth Authorization Code Flow but got the same result.

Also, when I click New Secret (to get my first client secret), do I need to click submit?

I guess there might be some problems with (a)redirect URI or (b)“curl -POST” in terminal or ©Client Secret…

Anyone can help…?

The reason you’re getting a 404 is because you’re POST’ing to the wrong URL. should be

    ?client_id=<your client ID>
    &client_secret=<your client secret>
    &code=<authorization code received above>
    &redirect_uri=<your registered redirect URI>

Hi! I corrected it according to your reply but still got the same result…

as per OIDC Authorization - Bad Request - PHP

Check your headers are right.

Personally I’m running (for nodeJS Express/Request)

    var code = req.query.code ? req.query.code : false;{
            url: ''
                + '?client_id=' + config.twitch.client
                + '&client_secret=' + config.twitch.secret
                + '&code=' + code
                + '&grant_type=authorization_code'
                + '&redirect_uri=' + config.twitch.redirect,
            headers: {
                'Accept': 'application/json'
            gzip: true,
            json: true
        }, function(e, r, b) {
            if (e) {

            } else if (r.statusCode == 200) {

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.