I got an issue while call API create clip on Twitch new API. First, I create a token with scope clips:edit and then using that token to call create clip API, but it always return 401 Unauthorized with message “Missing clips:edit scope”
Note: I used Postman to call API for testing. Please see attached screenshots
Anyone can help me on this? Thanks in advance!
Have you checked the token itself by passing it to the root kraken endpoint https://api.twitch.tv/kraken/ as the header
Authorization: OAuth .....? This’ll let you confirm it’s both a valid token and has the correct scope.
Secondly, are you sure it’s a user access token and that you’re not trying to use an app access token?
Thanks for your promptly response. Actually, I’m using app access token to call create clip API because I don’t see any documents mentions (or i’m missing) that we must use user access token for create clip API. I just use app access token for almost new APIs, I don’t get any problems.
Anyway, I have just tried with user access token. It is OK now. Thanks so much!
Any time you are performing an API request on behalf of a user you need to use a user access token. In the case of create clip the docs mention:
The new clip is marked as having been created by the user specified by the OAuth token .... which is why you need a user token and the appropriate scope.
A simple guide to follow is that if no token is required at all, then you can use an app access token to make use of increased Helix rate limits. If a token is required then it’ll be a user token with whatever scopes that endpoint needs.
Thanks for your explain. It’s clear.
Wonder if the doc language can nonetheless be improved to add a stronger warning to the docs that only
oauth tokens are valid to use for this. I also didn’t make the connection when reading and fiddled with non-
oauth tokens for a while before Googling to find this thread
Happy to take a stab at a re-wording though not sure if docs are driven from a GitHub repo?
If the docs are to be changed it’s up to Twitch. It’s not the clearest of wording, but it is mentioned, and it makes sense that a user token is needed as it is an endpoint that requires a specific scope to perform actions on behalf of a user.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.