Hello everyone. I have a question regarding OAuth2.
I’m using OAuth implicit code flow on the app’s frontend. Then I pass fetched token to the python backend where I try to retrieve data about the user.
I use only “user:read:email” scope.
The issue is that when I call https://api.twitch.tv/helix/users like so:
auth_headers = {
'Authorization': 'Bearer ' + access_token,
}
url = 'https://api.twitch.tv/helix/users'
response = requests.post(url=url, headers=auth_headers)
I receive {'error': 'Unauthorized', 'status': 401, 'message': 'Client ID is missing'}
If I add Client-Id=some_cliend_id
to the request headers everything works.
Shouldn’t it work with token only?