Getting client ID for PubSub

Getting an oAuth token for a USER involves an authentication loop using a ClientID in the first place.

For a .exe then probably looking at implicit auth which doesn’t require leaking your secret.
Course that still needs a webserver to collect the token
Or a website the user gets sent to with an instruction to copy/paste the token.

Or the .exe connects to your server via some method and the server handles the relay/auth stuff.

Some games on Twitch have in the past used an anonymous bot (no token needed) or implemented oAuth to obtain account access; which method varies by implementation.

Channel Points is “privileged” data.
So you need a USER oAuth token with the relevant scopes for the user/broadcaster in question, since you need permission from the broadcaster to read/write to their account.

Sure, here you could use EventSub, but that at the moment only has a webhook transport (socket on the way), so you’d need a relay server to capture events and relay them to the game/.exe in question. Then all auth is handled on your server and the .exe/game talks to the server.

So you don’t handle Twitch Auth “in the app” but via another method.

App → talks to your server via some method to ID the App
Link that ID to a TwitchID + token in your database

Not sure what you are expecting to improve here, since “permission” is needed for privileged data, so an oAuth loop is required in order to obtain that permission.
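
The implicit flow with a copy/paste step mentioned in the post, sketched as an added example that is not part of the original post. The function names, the placeholder client ID, the `http://localhost:3000` redirect URI and the choice of `channel:read:redemptions` as the Channel Points scope are assumptions; the point is that only the public client ID is sent and that the returned `state` and scopes are checked before the token is accepted.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://id.twitch.tv/oauth2/authorize"
REQUIRED_SCOPES = ["channel:read:redemptions"]  # assumed: read-only Channel Points


def build_authorize_url(client_id, redirect_uri, scopes=REQUIRED_SCOPES):
    """Return (url, state). Implicit grant: only the public client ID is used."""
    state = secrets.token_urlsafe(24)  # unguessable, checked again on return
    query = urlencode({
        "response_type": "token",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def parse_pasted_redirect(pasted_url, expected_state, scopes=REQUIRED_SCOPES):
    """Validate the redirect URL the user pasted and return the access token."""
    parts = urlsplit(pasted_url.strip())
    # The token arrives in the fragment; a refusal arrives as error parameters.
    params = {**parse_qs(parts.query), **parse_qs(parts.fragment)}
    if "error" in params:  # broadcaster declined the consent screen
        raise PermissionError(params["error"][0])
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this request")
    token = params.get("access_token", [""])[0]
    if not token:
        raise ValueError("no access_token in the pasted URL")
    missing = set(scopes) - set(params.get("scope", [""])[0].split())
    if missing:
        raise PermissionError(f"missing scopes: {sorted(missing)}")
    return token


if __name__ == "__main__":
    # Constructed placeholders, not real credentials.
    url, state = build_authorize_url("YOUR_CLIENT_ID", "http://localhost:3000")
    print("Open in a browser:", url)
    pasted = (f"http://localhost:3000/#access_token=CONSTRUCTED_TOKEN"
              f"&scope=channel%3Aread%3Aredemptions&state={state}&token_type=bearer")
    print("token accepted:", bool(parse_pasted_redirect(pasted, state)))
```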