Hello twitch dev community,
I’am a really new ‘developer’
So i need some help to discover and know some new things about twitch api.
I use Postman to use the API but when i use “https://api.twitch.tv/helix/channel_points/custom_rewards/redemptions” I fill authorization and Client-id and also fill the params but it return
"error": "Unauthorized", "status": 401, "message": "Missing User OAUTH Token"
and i dont know the way to use it .
Can someone help me thanks in advance.
You need to go through the Authentication process, documented here: https://dev.twitch.tv/docs/authentication, using either the Implicit or Auth Code flow with the
channel:read:redemptions scope so that you can grant a User Token.
Keep in mind that you can only access the redemptions for rewards created by the Client ID you’re using (so you wont get redemptions for rewards created on the dashboard), and only for the user that goes through that OAuth process to grant you those permissions.
But i still unknowing where i put this User token
in Params or Headers and with wich form ?
Because it retrurn me 400 Bad Request
You need to specify both the
Authorization as headers, as shown in the example in the documentation https://dev.twitch.tv/docs/api/reference#get-custom-reward-redemption
Of course, but in params I have
broadcaster_id and scope but still response Bad request 400
scope isn’t a param you use in the API request. You specify the scopes when the user goes through the OAuth flow.
Oh ok thanks, but still same error i give you params and header :
Authorization 2x : Bearer + Oauth Token
Client-id : client-id
Broadcaster_id : 109803778
reward_id : reward_id
I am sure i do somethings wrong or I forgot something but i can’t know what it is
What’s the error message you’re getting in the response?
Could be an issue with Postman or something because the fact that your getting HTML back, and not a standard JSON error means something is really screwing up with your request.
Can you show us the Headers you’re sending (with the OAuth token removed) so we can check that they aren’t malformed in some way.
Why do you have Authorization twice?
Just like the documentation shows, you need 1 Client-ID header, and 1 Authorization header. The Authorization header must be a User Token, whose user id matches that of the
broadcaster_id, and the Client ID must be the Client ID used to create that token.
Can you show me an exemple of the expected header and params ?
Because if I let 1 Authorization he tell me
"Missing User OAUTH Token" and i dont know what this mean .
I may be forgot to say thaht i use an account as a bot so i use one Oauth token to use it.
If you use just 1 OAuth token and it says you’re missing a User OAuth token, it’s because that token isn’t a User Token.
Use the Validate Tokens endpoint https://dev.twitch.tv/docs/authentication/validate-tokens with the token. If it doesn’t include a
user_id, and the
channel:read:redemptions, it means you’re using the wrong type of token. Also, that
user_id associated with that token MUST match the
broadcaster_id of the channel point redemptions you’re attempting to get.
Hahaha i’am so lost my two token return something that is not related to the expected response .
So i think i don’t have the Oauth token of my app ?
Im really confused x)
If the validate token doesn’t return a user id or login, it’s an App Token from the Client Credentials flow, which can’t be used for anything requiring user permissions as it doesn’t represent a user.
As I linked in my first reply, follow the Authentication docs, and use the Implicit or Auth code flows which will result in you going through Twitch to agree to the permissions of the scopes specified and give you a User Token.
Thanks you so much I finally pass this step.
I was so far too find the soluce without you
Thanks Dist see you !
I have an other issue at each POST it told me that one of the params is Missing while it is here with
https://api.twitch.tv/helix/moderation/bans this is
https://api.twitch.tv/helix/polls this is
And you’re correctly sending the params how it tells you? For example, when POST’ing to either of those endpoints you need the 2 missing params you mentioned need to be in the BODY of the request, structured in the way the documentation tells you to structure it.
Yeah i did it like the picture