Revoking Client-ID and All Access Tokens

This concerns all aspects of the developer tools available: API, IRC, PubSub, etc. If this is not the correct location to post this, please advise.

I recently deleted a personal project from dev.twitch.tv. I would like to revoke the Client-ID and all access tokens (user tokens, app access tokens, etc.) that were created using the Client-ID.

Is the Client-ID automatically revoked by deleting the application? For all of the access tokens, are these automatically revoked if the Client-ID that was used to create them is also revoked, or do these need to be individually revoked as described in the Authentication documentation? I would assume (and hope) it’s the prior since the Client-ID should be effectively unregistered.

Basically yes but it can take a little time for current access tokens to die

I forgot to add one bit. This Client-ID is an “older” one. At least one of the user tokens that was created was before user tokens had an expiration. Would this affect revoking said access token, or would it be revoked like all other tokens if the Client-ID it is associated with is no longer valid? If this is an issue, if there any way for Twitch to manually revoke all tokens that were created with a certain Client-ID?

I plan on validating these tokens for peace of mind, but it would still be nice to know.

When a ClientID is deleted
All tokens associated with the ClientID die it just may take a little time to do so.

it’s not a revoke it’s a scorched earth nailed from high orbit thing.

Ah, that’s good to know. Thanks!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.