Thank you for the reply!
In that case, is there any way to request that a reauthorization should return a pre-existing access token if one exists and if Twitch would not ask again for permission anyway?
I’d like to be able to expire sessions after some time on a webapp I’m developing and as I understand it, the only way to get an access token from Twitch is through one of the authentication flows. I’m also very concerned about security and would much rather my users didn’t have multiple access tokens floating about which could theoretically be used along with my client ID to access their account.
I do understand that it’s impossible to programmatically request invalidations of access tokens (at least, that’s how I’m interpreting the line “…since there is not a way to log users out of the API.” in the authentication guide) and I think I understand the reasons for not offering a means to do so, but it would make a lot of sense that there would be a way to request an access token that already existed. Is this possible?