I want to use API requests to easily manage my channel points rewards. Specifically I want to be able to enable/disable rewards.
-I registered a new app in my developer console.
-I granted permissions to that app to read and manage rewards.
-I retrieve the list of rewards. Nice!
-Then I try to edit one of them (just change the is_enabled flag) and FORBIDDEN. Why?
So my guess It’s that, via API, one app can only modidfy the rewards created previously by the app itself (using the create entry point). And this is a safety measure since, hypothetically, I could grant permissions to N different apps, and all of them could create new rewards. And if all those apps could edit the rewards from everyone else, it would be a bit of chaos. Right?
But my point is, if my app is linked to my twitch user, and that app makes a server request to edit a reward (created by me using the web dashboard), shouldn’t the system be able to recognize that the app is actually me and then allow the edit??
That’s a bummer then dunno, it sounded so obvious to me… Then I guess it’s impossible to do the functionality I was looking for: to be able to enable/disable rewards (created by yourself via dashboard) via API request.
Hmm then my next natural question would be: would it be possible to get the ClientID/Secret/whatever from Dashboard to do server requests in its behalf?