I am trying to understand what is required on my end as a developer for the authentication flow for requesting broadcaster abilities in regards to extensions. I understand the overall flow but am unclear on getting the user prompt for authorization and where is the callback/redirect endpoint that I should be catching on the EBS side.
For example, if I need the scope ‘chat_login’, I can add it to the list in the Extensions Dashboard under “Extension Capabilities”. But then when I go to test out my extension locally and I go to activate it, it never prompts me for authorization request.
Based on the documentation here → https://dev.twitch.tv/docs/extensions/reference#set-extension-broadcaster-oauth-receipt
If your extension needs to perform Twitch API actions on behalf of the broadcaster, it can specify a list of OAuth scopes in the required_broadcaster_abilities part of the manifest.
If this list is present, the broadcaster is presented with the usual Twitch OAuth flow when he tries to activate the extension.
I have seen other extensions currently live that are using OAuth through their configure page but based on that paragraph above I was assuming that when a broadcaster tries to activate the extension it will automatically prompt and then send the appropriate information to a callback/redirect url on my EBS.
Also, in that document above, what exactly is the ‘manifest’ and where is that edited? I was assuming it was through the “Extension Capabilities” section but not clear on that.
Any help is appreciated