Hi, I don’t know if it’s the normal behavior but I am trying to retrieve server side user’s email address. When I get a user token with the right scope (user:read:email) it does work fine but if I switch from an app token, the email field is removed from the request. I am hiting the new Twitch API, getUsers function call. I am testing from postman (for now) but had the same issue in a node.js application. No error message, just that the field is removed. What we are trying to achieve is to retrieve user’s email server side (if they are verified of course).
Your wording is confusing
- If you use an “app access token”, this doesn’t represent a user, so there is no permissions to read an email from
- If you use a “user access token”, it does represent a user, and thus has permissions (if requested) to read the email address on the users API
You should use the “user access token” you obtained from the user in your server side code.
An “app access token”, is for use when a users token isn’t needed or cannot be obtained, and won’t grant access to privileged data (generally speaking). And a users email is priviledge.
This API
Requires a “user access token” with scope "user:read:email: applied to read the email, and where the id/login specified in the request, matches that of the user token you specify
Basically you should always be using a users access token, (even server side) if you want to read a users email address from the GetUsers API
And you’ve misunderstood the purpose of App Access Tokens
Gotcha. That’s what I was thinking, wasn’t sure but make sense. Thanks for the quick response!!!
Should I see their email using the helper and decoding their jwt comming from their authentication in my Twitch extension?
No
User Email are not provided/made available to you via the Extension helper, that requires the user to perform an oAuth loop to grant access to the users email address.
Or in the case of a viewer, provide a text entry field for the user to provide their address instead.
Good, thanks again.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.