Yes, for all User token flows it requires sending the user the Twitch auth URL so that they can see what permissions (scopes) you are requesting, and that they can explicitly allow/deny that connection to your app.
Yes, for all User token flows it requires sending the user the Twitch auth URL so that they can see what permissions (scopes) you are requesting, and that they can explicitly allow/deny that connection to your app.