New dev - Client ID best practices?

This is my first project working with APIs, IDs, and tokens, and I’m trying to get a grip on how to best implement my client ID.

I have developed a program that pulls some general video information from the API and displays it for the user. The program works in testing, but right now my client ID is hard-coded into the program in order to access the API.

Am I utilizing the client ID correctly in that sense? I mean, there’s not some other dynamic approach that I should be implementing, right? If I understand the tokens correctly, OAUTH tokens are dynamic, but they’re for accessing account-specific information; but there’s no user-based client ID that is personal to each person that uses the program, is that right?

Also, if something happens to my client ID or to my Twitch account, does that compromise my program’s functionality?

Any advice or direction is appreciated!

Client IDs are per-application so hard-coding it is fine. Deleting your Twitch account or regenerating the application secret may affect functionality… Always properly secure your accounts!

Rather than hard coding it, consider putting it into a config file.

And your app loads said config file.

Then if you need to change your clientID you only need to change it in one place rather than having to grep/search your whole codebase.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.