App Access Token & Client ID

TheBrohman · September 15, 2020, 1:26am

Hello there fellow developers.

I am just curious about how bad it would be if people got a hold of my Application’s App Access Token and Client ID? The reason as to why I am asking is because I have made a website with HTML/CSS/JS, and it is deployed at and hosted by Microsoft Azure, but I am not for the life of me able to access the environment variables (Application Settings on Azure) I have set up. From all the documentations I have read through and countless hours of Googling, I just can’t get it to work.

So yeah, that is why I am asking. If anyone either knows how to get the environment variables to work I would appreciate any pointers and help, but if not I would just like to know how bad it would be. The only thing I use my Twitch Application for is to check if a streamer is live.

Thanks for any replies in advance!

BarryCarlyon · September 15, 2020, 1:31am

Very. this is against the developer agreement.

Any oAuth/Bearer token is essentially a Password and should not be released publicly.

Let alone someone can take your oAuth token and clientID and go and burn up your webhook limits or other malicious actions.

TheBrohman · September 15, 2020, 1:39am

Yeah that is what I thought.

Welp, back to the drawing board it is.
Thanks for the reply.

system · October 15, 2020, 1:44am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.