- You need to send the user to Twitch’s OAuth page, as the example in the docs shows:
GET https://id.twitch.tv/oauth2/authorize
?client_id=<your client ID>
&redirect_uri=<your registered redirect URI>
&response_type=code
&scope=<space-separated list of scopes>
The user needs to actually go to that page, not any sort of fetch request that tries to display that on your site or anything like that, you need to send the user to that Twitch page.
-
The user accepts or denies the connection with your app, and are sent back to your redirect uri (
https://<your registered redirect URI>/?code=<authorization code>) -
Your redirect uri will need a handler that takes the code from the querystring of the incoming request, and exchanges that for an access token and refresh token.
POST https://id.twitch.tv/oauth2/token
?client_id=<your client ID>
&client_secret=<your client secret>
&code=<authorization code received above>
&grant_type=authorization_code
&redirect_uri=<your registered redirect URI>