Trying to create new channel point redemption

kd88 · January 13, 2021, 11:41pm

I am trying to use the new Channel Points API to create a redemption programmatically when I trigger an event. I am using a JS library called Axios to send HTTP requests. I am unsure if I am getting the correct access_token from the first post causing the error shown below.

axios.post(https://id.twitch.tv/oauth2/authorize?response_type=code&client_id=${client_id}&redirect_uri=${redirectURL}&scope=channel:manage:redemptions)
.then(response => {
// console.log(response.data.access_token)
axios.post(‘https://api.twitch.tv/helix/channel_points/custom_rewards?broadcaster_id={my_ID}’, {
headers: {
“Client-ID”: client_id,
“Authorization”: "Bearer " + response.data.access_token
},
}, {
“title”: “game analysis 1v1”,
“cost”: 50000
}).then(function (response) {
console.log(response.data);
}).catch(function (error) {
console.log(error);
});
}).catch(function (error) {
console.log(error);
})

This is the error I am getting from this request
{ status: 401, message: ‘invalid csrf token’ }

Dist · January 13, 2021, 11:48pm

Your OAuth process is incorrect, and not as documented https://dev.twitch.tv/docs/authentication/getting-tokens-oauth#oauth-authorization-code-flow

If you’re using the Auth Code flow, step 1 is to send the user whose channel you wish to get permissions for to the OAuth link. You don’t make an axios request, you need to send the user to that actual URL.

If the user accepts, they’ll be redirected to your redirect URI, at which point your server can exchange the code for an access token as documented.

Once your server has exchanged the code for an access token and refresh token, then you can make API requests.

kd88 · January 14, 2021, 1:07am

Do I have to do this everytime I want to make a request? Or can I reuse the token for an infinite amount of time?

Dist · January 14, 2021, 1:13am

You can use an access token until it expires. With the Auth Code flow, you’ll also get given a refresh token along with the access token so you can programmatically get a new set of tokens when needed without the user needing to go through the process again https://dev.twitch.tv/docs/authentication#refreshing-access-tokens

kd88 · January 14, 2021, 1:21am

Do you know of any examples or 3rd party websites that get the access code and refresh code?

Dist · January 14, 2021, 1:30am

I don’t have any examples to hand, as the docs themselves are pretty self-explanatory.

Send user to Twitch to request permission from them
The user is sent back to your server with a code in the querystring if they accept
your server exchanges the code for access and refresh tokens.

For specifics on how you create a web server to handle steps 2 and 3 there are plenty of tutorials on Google, or YouTube, for most programming languages that can host web servers and make HTTP requests.

kd88 · January 15, 2021, 5:25am

I did everything you said and got it to work. My issue now is when trying to create a channel redemption I am getting the error shown below.

I used the “OAuth authorization code flow” to get the access token.

axios.post('https://api.twitch.tv/helix/channel_points/custom_rewards?broadcaster_id={Channel_id}', {
                    headers: {
                        "Client-ID": client_id,
                        "Authorization": "Bearer " + access_token
                    },
                }, {
                    "title": "game analysis 1v1",
                    "cost": 50000
                }).then(function (response) {
                    console.log(response.data);
                }).catch(function (error) {
                    console.log(error);
                })

Error:

data: {
error: ‘Unauthorized’,
status: 401,
message: ‘OAuth token is missing’
}

system · February 14, 2021, 5:25am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.