V5 requires client-id with auth token?

I’m making the following request using OAuth credentials:

GET https://api.twitch.tv/kraken/user
Accept: 'application/vnd.twitchtv.v5+json
Authorization: OAuth {access_token}

And I’m getting back:

{‘error’: ‘Bad Request’, ‘status’: 400, ‘message’: ‘No client id specified’}

In other threads here I saw a twitch employee saying “If you are passing in an OAuth token, we will figure out the Client-ID for you.”. Is this a bug?

Probably not a bug.

Just pass your ClientID, if you pass your clientID with all your kraken requests job done.
Then you don’t need to remember if you should or should not send your ClientID.

Just send it always like the docs say.

The original docs say “please send your clientID” it just never enforced it.

Since some api requests require certain scopes, sending an oauth token for those is required, and “just send a client ID every time” is redundant, as then both the client ID and the token would identify the same account (or what would happen if they were for different accounts?). Also, as LiraNuma said, DallasNChains explicitly said that we do not need to send a Client-ID if we already send an oauth token:

If you are passing in an OAuth token, we will figure out the Client-ID for you.

So to me this does look like a bug.

It appears it is also returning the same result in v3 whereas in the past it would return the expected result - even on Kraken root https://api.twitch.tv/kraken it isn’t pulling clientID from OAUTH, so I am thinking it may be a bug as well.

@DallasNChains - thoughts?

Maybe your oauth token actually is invalid. the root works for me

Hmm how odd, I generated that one to specifically test this and I got the results I mentioned above, however I just disconnected that one (thus invalidating it) and created a new one and the endpoints are working as expected, including V5.

So, i’m not sure if there is a intermittent issue but I am seeing all expected results using OAUTH, so that may be the issue with @LiraNuna - invalidate the current OAUTH and try again - that endpoint is now working for me.

Our issue was strange - we were in talks with Twitch to rename out application (because of legal issues) and I believe that the rename had invalidated and disconnected all tokens.

The interesting this is the fact that we got 400 Bad Request instead of 401 Unauthorized as mentioned in the OAuth RFC.

Just to clarify, re-authenticating the user solved the problem.

Well thats weird. You don’t need to talk to Twitch to rename an application, you can just rename the application directly from the settings/connections page for the person whom owns the application…

Weirdness all round

You do if someone else has the name and the name is copyrighted. Twitch does not allow duplicated app names.

hehe I’m surprised I’ve not come across that one. I’m sure I’ve had two apps with the same name at one time or another. But I’m probably mistaken

Are you still seeing this behavior? There were some issues over the holiday that should be resolved now.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.