Oauth token & Last sub

I use this method in php, but I always redirects to another site regardless of what is specified in the redirect


Should continue to be sent token on the redirect link, but I always redirects to another site.

It will either redirect to the site specified in the redirect_uri or an error page

The redirect_uri must match the one for that clientID

With a response_type of token, you should get redirected to (after auth):

https://[your registered redirect URI]#access_token=[an access token]

Then you can use javascript to consume the access_token

Are you sure you are using the right flow?

Thanks, the problem was the registered address of the application (there was another), and about the access key which is transmitted after. #access_token=[an access token]. How to get it into a variable (save)?
My code

    header('Location: https://api.twitch.tv/kraken/oauth2/authorize?client_id=token&redirect_uri=http://game-stats.ru&response_type=token&scope=user_read+channel_subscriptions');

Implicit code flow

Servers do not receive the # (hash) of the URL. You must capture that with Javascript.

if(location.hash.indexOf('accent_token') > -1) {
    let token = location.hash.split('=')[1];
    // ... Do something with token

Or in the modern era:

if(location.hash.includes('access_token')) {
    let token = location.hash.split('=')[1];
    // ... Do something with token

Authorization code flow

Servers will receive the ? (search) of the URL. You can capture that on the server-side.


if(isset($_GET['code'])) {
    $token = $_GET['code'];
    // ... Do something with token

Thank you, can be another hint as it directly documentation doesn’t say how via a url query to pass in an oauth request

Ex: https://api.twitch.tv/kraken/channel?client_id=123&access_token=".$code
access_token, code or oauth. What exactly you need?

Like this:


but the preferred method would be to use headers.

Thanks, You need to add for transmission via curl (php)?
my code:
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, “https://api.twitch.tv/kraken/channel?client_id=12345&oauth_token=”.$code);
//curl_setopt($curlInit, CURLOPT_HTTPHEADER,array("Authorization: OAuth ".$code ));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
echo $response;

response {“error”:“Not Found”,“status”:404,“message”:null}
If you go through a browser on the same link, then it works

I am guessing that you are authenticated to Twitch in the browser, and therefore, it returns data. From curl, you are not authenticated and must provide the OAuth key that ties the channel/ endpoint to a particular broadcaster based on that OAuth.

Check to make sure your $code is valid and being pulled back, I suppose, if you are getting an error.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.