Twitch API returning intermittent 401 Unauthorized errors when fetching user data

I’m developing a Twitch Extension that displays cat treat recommendations from the Billi Treats API inside a panel below the stream. The extension loads correctly at first, but the embedded section occasionally stops loading dynamic content — showing only a blank area while the rest of the Twitch interface works fine.

Here’s what I’ve observed:

• The issue occurs randomly when fetching product data through the Billi Treats API endpoint.

• Console shows intermittent CORS and network timeout errors.

• The API works normally when tested outside of Twitch (via Postman or a standalone page).

• I’ve already verified the manifest.json and added the correct content_security_policy for the Twitch extension environment.

• The issue seems to happen more often when the panel reloads after being minimized or when switching between streams.

Could this be related to Twitch’s sandboxed iframe environment or how it handles cross-domain requests from third-party APIs like Billi Treats?

What Twitch API’s are you calling? How are you calling it? Where are you calling from?

So the problem is with billi’s API

On Billi’s API? Then it’s their API at fault

Network timesouts and non 200’s can masquarde as CORS errors if the error page doesn’t serve CORS headers

There is no manifest.json file relevant to Twitch Extensions

`content_security_policy` unless simulated in your local env, this only applies in Hosts test, you didn't state if local of hosted.

No as all that Twitch Applies (in hosted test and avove) are security/CSP rules.

Everything else is your code and/or the remote API being called.