New Helix Endpoint - Broadcaster Subscriptions (Missing Scope)

Hey there.
Luckily, we finally got the Subscriptions endpoint.
To use it, a bearer token with channel:read:subscriptions scope is required.
However, on providing such a token,
curl -H 'Authorization: Bearer xxxx' -X GET 'https://api.twitch.tv/helix/subscriptions?broadcaster_id=xxx'

i get the response
{"error":"Unauthorized","status":401,"message":"Missing channel:read:subscriptions scope"}

The used token for the call however states
{"access_token":"xxxx","expires_in":5031751,"scope":["channel:read:subscriptions"],"token_type":"bearer"}

(removed the actual token)

Is that a behavior others experience as well?
The token was requested using a client id and secret from the channel in question, and the request is issued using the broadcaster_id used to get the token (altho i tried the channelID to make sure too).

What’s the output from curl -H 'Authorization: OAuth xxxx' https://id.twitch.tv/oauth2/validate

What do you mean by using a client id and secret from the channel? Client ID’s/secrets aren’t part of a channel, they come from an app which has no relation to any specific channel. I just want to make sure you’re using the correct auth flow and having the user go through it rather than creating an App Access Token which can’t have user scopes on it and so would return an error about missing scopes.

Thanks for mentioning it, this struck me a day after. I was actually generating an app access token without thinking about it. With a client token it’s all good, thank you!