Problems understanding oauth authentication

You should get a page similar to: (depending on scopes requested)

In this example, my Application is called the same as my bot (appended with services), but the logged in user/avatar is my broadcaster account.

But this is granting my application (not the user) to access my account.

Your wording here is misleading since an application is not a “user”.

Which topic are you trying to listen on?