The difference between the User Access Token and the App Access Token is stated in the “Types of Tokens” section of the OAuth documentations https://dev.twitch.tv/docs/authentication#types-of-tokens
It states that ... app access tokens are not associated with a user, they cannot be used with endpoints that require user authentication Thus meaning that an application access token cannot be used to view private information such as Subscribers.
App and User access tokens both function the same way. The Twitch API requires you (the developer) to provide an authorization to access it.
The User Access Token is the user granting you permission to view their information.
If your application wanted to view public information such as games or streams you need to have permission from Twitch via an Application Access Token
If your application wanted to view private information such as subscribers or the stream key you need to go through the OAuth Client Credentials Flow (As you were doing to receive the stored access_token), and use that access_token as authentication.
P.S. Store the refresh_token too, you need it to get a new access_token when it expires
Edit:
Just another thing to note, if you’re retrieving a User Access Token you might not need an App Access Token at all. When fetching a users stream (even though it’s public information) you can still use the Users Access Token.
User Access Token can view Public and Private Information.
App Access Token can only view Public Information