This concerns all aspects of the developer tools available: API, IRC, PubSub, etc. If this is not the correct location to post this, please advise.
I recently deleted a personal project from dev.twitch.tv. I would like to revoke the Client-ID and all access tokens (user tokens, app access tokens, etc.) that were created using the Client-ID.
Is the Client-ID automatically revoked by deleting the application? For all of the access tokens, are these automatically revoked if the Client-ID that was used to create them is also revoked, or do these need to be individually revoked as described in the Authentication documentation? I would assume (and hope) it’s the prior since the Client-ID should be effectively unregistered.
I forgot to add one bit. This Client-ID is an “older” one. At least one of the user tokens that was created was before user tokens had an expiration. Would this affect revoking said access token, or would it be revoked like all other tokens if the Client-ID it is associated with is no longer valid? If this is an issue, if there any way for Twitch to manually revoke all tokens that were created with a certain Client-ID?
I plan on validating these tokens for peace of mind, but it would still be nice to know.