Auth flow confusion (extended or rather resolved?!)

API
3

99% of the time you only ever need to use

If a endpoint requires a scope, then it needs auth.

If it lists no scopes then it doesn’t

Some end points (users) will accept a userID, or tell you the user for the Auth you specified. (So the userID is optional and the error code tells you what to do)

Interrupt for Users eaxmple

A call to https://api.twitch.tv/helix/users

  • with only a ClientID will error
  • with a user oAuth will give you the user that the oAuth belongs to
  • with a clientID and a id (or login) will give you the user you asked for
  • with a user oAuth and a id (or login) will give you the user you asked for
  • with only a server oAuth with error
  • with a server oAuth and a id (or login) will give you the user you asked for

Onwards

BUT, all end points that DON’T require an oAuth, you can still specify either a user oAuth (with scopes) or a Client Credentials oAuth to benefit from higher Rate Limits

TLDR: make a request to an end point, read the error message if you get one. (if the docs for that endpoint are unclear)

OR

Join us on discord and ask Support | Twitch Developers

Hopefully that helps a little?

1 Like