I’m attempting to move my popular app from the Kraken API to the Helix API.
So basically, it’s not possible to access Twitch API’s anymore without the user logging into to Twitch, and authenticating my app? Is that correct?
Helix requires a token. (As does a fair chunk of v5 but legacy apps had clientID only access for an extended period iirc)
To access data in a front end scneario use implict auth.
To access public data in a server scenario use an App Access/Client Credentails token.
For a website the website should call the backend and use the relevant token to talk to twitch.
Or move to EventSub for live status/etc and server side caching for data rather than direct API calls, which could also be considered good practice.
1 Like
Thank you! I missed the app token. That works great.
It seems to last about 55 days from the “expires_in” field? Is this subject to change at all?
App access tokens tend to “wander” somewhere between 55 and 65 ish
Similar to implcit users tokens.
The documentation doesn’t state what the duration will be. So probably.
The example in the docs says 3600 which it naturally isn’t 
So best bet is to honor the response from the Token Generation API and/or whatever the Validate Endpoint reports when testing a token.
Personally I tend to test my App Access tokens every hour or so (on a CronJob) and auto regenerate them if they have less than a day ish left.
So if the duration changes my code doesn’t care as it’ll just regenerated when theres not much time left on the active token.
Just a reminder these are for “Server to Server requests”. And shouldn’t be used in client facing code.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.