To work with widget’s settings the broadcaster will need to login to SE via Twitch, so here is where the security is. Also I understood that OIDC implicit code flow returns a token that doesn’t last much time + the token will work only for reading rewards, isn’t it?