Which grant flow should I use?

Hi All,
I’m reading the doc Getting OAuth Access Tokens | Twitch Developers and trying to understand what grant flow I should use. My app will be run on my server, it does NOT have any web interface at all (it’s a robot), it does not exposed to the internet.
It needs to do the following:

  • update my stream info (title, Go Live Notification, etc)
  • read from and write to my chat.
  • maybe something else related to my account, my stream(s).

It is not intended to be used by any other twitch user. I do not need access to other users’ details.

At the moment I’m trying to use client credentials grant flow, but looks like it’s a wrong choice because I can’t get my broadcaster_id this way:

curl -X GET "https://api.twitch.tv/helix/users" -H 'Authorization: Bearer $access_token_here' -H 'Client-Id: $CLIENT_ID'

{"error":"Bad Request","status":400,"message":"The id or login query parameter is required unless the request uses a user access token."}

So, what grant flow should I use?
Thank you.

The reason the request you made with an App token failed is because Apps don’t represent a user, and so Twitch has no idea what user you want to get data for because you never specified an id or login of a user. If you had used used the login param with an accounts username, it would have worked.

While an App token from the Client Credentials flow will work for the Get Users endpoint, it wont work for requests that require permissions granted by a user such as updating a channels title, for this you would need a User token.

For an app running on your server, the recommend choice would be the Auth Code Flow. This will get you an Access Token, and a Refresh Token so that you can programmatically get new tokens as they old ones expire.

If this is just for yourself, and not something that you would need other users to connect through, one option is to use the Twitch CLI, which can temporarily host a webserver required to go through the OAuth process, then once you’ve obtained the tokens you can utilize them within your app, and refresh them from that point on without needing to go through the OAuth process again unless you need different scopes.

1 Like

Hello @Dist , thank you for the answer. I’ve tried it with CLI like this:
c:\mydir\twitch token -u -s channel:manage:broadcast
and it opens a browser window that asks for the client id despite I added the id via twitch configure.

Is there any other, fully non-interactive way I can use in an automation?

No as step 1 of getting a user token will always need the user you want the token of to perform steps manually that of “logging into twitch (if not already) and allowing the clientID access to the account”

Assuming you are using an oAuth flow that can be refreshed (DCF which doesn’t need a secret locally, or code flow which normally bounces around on a server) then you only need to “seed” the system and then it’ll use the oAuth token till it expires and then use the refresh token to get a new oAuth token.

Then either

Using the seeder script you’ll only need to reseed if the Refresh token is no longer valid

1 Like

So, I need to refresh it manually anyway. Got it, thank you.

Refreshing tokens can all be done programmatically. You only need user interaction to initially connect to your app and agree to the scopes being requested to get the Access Token and Refresh token. Once that’s done, it can all be automated from that point on unless you need new permissions that you hadn’t previously requested from the user.

1 Like

Great news. Could you please provide me with the link to doc to that update procedure?

Refresh is documented here: Refreshing Access Tokens | Twitch Developers

Reseed manually a token and refresh if the refresh token dies/is invalid.

1 Like