I don’t know if i’m the good category. I’m sorry for my english, i’m french developper.
I developed a Twitch bot that connects to the WebService Pub / Sub. At the authentication level, it is indicated in the documentation that we must use the Oauth Flow to obtain a token access.
On the one hand I was very surprised that it is necessary to obtain an access_token of the concerned Twitch channel directly when one wants for example to listen to the events of moderation while I am, with my account, moderator of the channel in question.
So I had to ask the owner of the channel to fill out an online form which generated an access_token that he sent me.
I would have used the server to server method to get access_token since I have client_id and client_secret but the key obtained did not allow me to use the Pub / Sub service.
So my question is as follows: Do we have to use a “user access tokens” type key to access the Pub / Sub service.
I find this a shame because I usually work with “app access tokens” to query the classic API (New Twitch API).
First of all thank you for your very quick response.
In this case, can you tell me how long is the user access token generated in this way valid?
I don’t really want to have to contact the owner of the channel every 60 days to ask him to generate a new one. And since I didn’t follow the user feed, I don’t have the expiration date provided.
I have a little trouble understanding I will not lie to you.
Two different operations are mixed here. On the one hand obtaining an acces_token which must be done graphically and manually.
So I have to write this acces_token in a hard copy (and if necessary also store the refresh token) so that my application can use it as part of its connection to the Pub / Sub service.
BUT, I must also whenever I use it, use the refresh function, which is completely backend. And the newly generated token access must replace the old access_token in my configuration to be used.
In reality if we follow your logic, I have to store the two keys permanently and have them changed, my program must, on each startup, refresh the access_token so my configuration changes constantly?
Do you understand that we mix frontend operation and backend operation in the same process?
One last question. If I don’t start my program for a while, let’s say several weeks. Will the token refresh function by providing the old + refresh_token, still work?
I’v to store the two tokens for sure in a text file and i go erase it every token refresh with the new tokens… i’v made a little program in node.js, i don’t have a database and i dont want to make too complexe application. I’v just a doubt on the initial config file…
Can i refresh a very old access_token for life or just the more recent given ?
You get a new access token, with the refresh token and your Client Secret. You can lose the access token and still get a new token, if you have the refresh token
Oh yes I misunderstood the documentation correctly, I read it and I misunderstood. Sorry.
In this case it is useless that I store the access_token if I understand correctly, I just need to store the refresh_token and ask, each time I start my program, a refresh to use directly and dynamically the access_token provided which changes each time my program starts?
I specify: My program does not change state once started and does not subscribe to any topic dynamically, everything is done at the beginning and it runs like this for weeks / months.
If in any case it is necessary to call on an API to validate my token, as much to regenerate it directly it goes faster.
