"subscription missing proper authorization"

For some reason I’ve been unable to get this to work no matter what I do

using (var client = new HttpClient())
{
   client.DefaultRequestHeaders.Add("Authorization", $"Bearer {BotDetails.USER_ACCESS_TOKEN}");
   client.DefaultRequestHeaders.Add("Client-Id", BotDetails.CLIENT_ID);
   var content = new StringContent(JsonSerializer.Serialize(new
   {
      type = "channel.chat.message",
      version = "1",
      condition = new
         {
            broadcaster_user_id = BotDetails.CHAT_CHANNEL_USER_ID, 
            user_id = BotDetails.BOT_USER_ID
         },
         transport = new
         {
            method = "websocket", 
            session_id = sessionId
          }
      }), Encoding.UTF8, "application/json");

I’ve tried everything… It seems like I’m meant to pass my APP_ACCESS_TOKEN right? but if I use that instead of the user one, I get a 400 “invalid transport and auth combination” error…

I’ve put my required scope as “user:bot”, “user:read:chat”, “user:write:chat”. When my bot starts it gives me a URL to auth, I click it and I grant the perms and yet I still have the 403 forbidden no matter what I do.

Not for a websocket no

That sounds like you are generating a user token for your bot with the correct scopes.

And thats the token you should use to create subscriptions with on a straigh websocket

Seems you are using the correct token.
On the WebSocket transport.

This is the correct error for a straight websocket, as striaght websockets require user tokens

Whats the body message?

To read chat over a straight websocket requires only user:read:chat scope.

Example: EventSub WebSockets Chat edition with Implicit Auth Example

  • user:write:chat being for sending
  • user:bot is for not this transport.

As a side note BotDetails.BOT_USER_ID isn’t banned in BotDetails.CHAT_CHANNEL_USER_ID?

And both of these are the numerical ID’s of the users in question (not their logins?)

Sorry what do you mean by “body message”?

And thanks for the note on the needed scopes, I just put all of them from " Example Chatbot Guide | Twitch Developers" I just threw scopes at it in the end.

Both ID’s are numeric yeh but I’m not 100% sure if they are correct… I used a website where I put the usernames in to get ID’s

Edit: Sorry I missed the banned question. I swapped to my bot account and sent a message in the channel manually and it worked. So it shouldn’t be banned?

Edit 2: I figured out that I could get ID’s from that link you sent and yeh both are correct

You’ve stated the error code is 403
But not the body of the response.

The HTTP Code is half the information.

Here you said the body message is invalid transport

Here you only provided the HTTP Code

Ahh I see what you mean about the body now
“{“error”:“Forbidden”,“status”:403,“message”:“subscription missing proper authorization”}”

I was thinking… Can the issue be that the bot is an APP on the 2nd account?

I have the channel it’s trying to join, which is my main account and the bot used to join using the 2nd account which owns the app

Okay I think I actually fixed it… I thought I just had to auth the bot from the broadcaster of the channel it was joining and working on.

It appears that the bot didn’t have the correct perms from the account which owned it

PS: I’ve literally been trying to fix this for the past 6 hours and that’s all it was… Thanks for the help <3

Yeah you need to auth as the user you want to read/write chat as

The owner of the clientID is irrelevant. It’s all about whom auths to the clientID and whom the user is in the token

Right, so the bot user id is what needs those perms.

When it comes to moderating, it would still be the bot user that auths because it’s using the bots moderator status?

If I wanted my bot to do anything that is locked to streamers like manage VIP status, I would then use the Broadcasters auth and ID?

You want permission from the user that you want to act as.

So if you want to “timeout people as the bot doing it” then you want the bots token.

If you want your script to “timeout people as the broadcaster doing it” then you want the broadcasters token.

Generally you will want the bot’s token for this.

Yes.

So generally you’ll need two tokens, one from the bot to read/write resources at as the bot

And one from the broadcaster to read/write resources that need the broadcasters token

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.