You are not sending the documented, required V5 header with your requests
The example:
curl -H 'Accept: application/vnd.twitchtv.v5+json' \ -H 'Client-ID: uo6dggojyb8d6soh92zknwmi5ej1q2' \ -H 'Authorization: OAuth cfabdegwdoklmawdzdo98xt2fo512y' \ -X GET 'https://api.twitch.tv/kraken/channel'
First you sign up for a Client ID, which then also gives you a client secret.
Then you need to get the users permission to talk to the API on their behalf
The PubSub topics describe the kind of oAuth token and the scopes needed, In this case it’s a user token (not a server to server/client credentials token)
Authentication is covered here
- You generate a URL, with the scopes needed on it,
- User is sent to that URL,
- User accepts (or declines) your applications (IE ClientID’s) access to their account
- They come back to your webpage and you do the last bit of the oAuth dance*
- if needed depending on if you are using “regular” oAuth or implicit
This example uses implicit auth, so it’s just a “dumb get started” example and normally not something you’d use in production as implicit oAuth tokens cannot be renewed, when the token dies the user has to manually go throw the whole oAuth flow again
Once you have a token, you can call the users endpoint
Omitting any id and login, and just specifying the oAuth token and the API will return the user for that token, then you have the ID and username for the authenticating user