Ok guys, I think you might need to help me out here again!
(As you already did a couple of times so excellently, so thanks a lot in advance for it!)
However, yesterday I stumbled over this thread, which exactly states my problem:
Even though I am able to make the technical process work (login, allowing, redirecting etc.etc.) I have the wish to understand it thoroughly, so if you could help me out here?!
To give some background information: I have a bot and a “chat rewarding” system. Given a user is a sub the “rewarding” should be higher than for normal viewers.
So far so good.
In the above mentioned thread, user Dist wrote:
Dist:
What do you mean by using a client id and secret from the channel? Client ID’s/secrets aren’t part of a channel, they come from an app which has no relation to any specific channel. I just want to make sure you’re using the correct auth flow[…]
And TreZco replied with:
TreZco:
Thanks for mentioning it, this struck me a day after. I was actually generating an app access token without thinking about it. With a client token it’s all good, thank you!
Unfortunately it hasn’t struck me yet ^^.
How am I able to differentiate when which auth flow has to be used?
Please, don’t tell me only “when user, …/when app”. Tell my HOW am I able to see this myself(In the docs, the API, anything)?! What information have I missed?
Especially at the very beginning Authentication | Twitch Developers there is
“[…] which enables your application to take actions on behalf of a Twitch account or access certain data about a user’s account.”
So for me that means, when I want to have an information about a user/channel (e.g. if a user is subscribed to my channel) I can create an app (my bot) that checks (when a user enters my chat) if he/she is subscribed to my channel. But as it seems this does NOT work with app access tokens?!
Further down it is stated that:
(App access tokens)
Authenticate your app and allow it to access resources that it owns. Since app access tokens are not associated with a user, they cannot be used with endpoints that require user authentication.
Doing a google search on “user authenticate” of site: Authentication | Twitch Developers
Led to the following which also describes the same problem (confusion) with a solution (thanks TheElm):
and as it seems I might not be the only one being confused (in addition I haven’t found more “user authentication” within the API which is also causing some of my confusion.
However, how are you guys and girls are able to figure that out yourself?
Why isn’t (on every request) stated: “user authentication required”/“no authentication required”…etc.?!
Should I/are you(?) be able to “guess” it depending on the case that I think it might be a user related information? Or is it a “trial and error thing”?! How do you make it?
Thanks a LOT for your response!!!