OAuth callback with php, what am I doing wrong?

I’m trying to create a PHP callback script for OAuth authorization:

	$client_id = 'MYCLIENTID';
	$client_secret = 'ACLIENTSECRET';
	$redirect_uri= "http://plox.nu/oauth/callback.php";
	$authorization_code = $_GET['code'];
	$url = '[https://id.twitch.tv/oauth2/token'](https://id.twitch.tv/oauth2/token');

	$data = array(
		'client_id' => $client_id,
		'client_secret' => $client_secret,
		'redirect_uri' => $redirect_uri,
		'code' => $authorization_code

	$options = array(
		'http' => array(
			'header'  => "Content-type: application/json\r\n",
			'method'  => 'POST',
			'content' => json_encode($data)
	$context = stream_context_create($options);
	$result = file_get_contents($url, false, $context);


However I only get Error 500’s when trying it out. Anyone see the error?

Your URL is malformed

$url = 'https://id.twitch.tv/oauth2/token';

You you should be using cURL not file_get_contents. FGC is normally blocked from making HTTP requests on most providers for security reasons

Provides a PHP example

Line 38 onwards specifically

Apparently $_GET[‘code’] is not set when falling to the callback. How can I try to trace the cause of this?
My authorization link:

The URL it redirects to is clean without any arguments. If I deny access then it will give me an error, but not if I allow it.

Your response_type is force_verify

it should be code for this example

Line 27 of this example shows a URL being constructed.

ClientID’s are public there is no need to hide this

Should be


You can optionally add


if you need Force Verify

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.