App Access Token & Client ID

Hello there fellow developers.

I am just curious about how bad it would be if people got a hold of my Application’s App Access Token and Client ID? The reason as to why I am asking is because I have made a website with HTML/CSS/JS, and it is deployed at and hosted by Microsoft Azure, but I am not for the life of me able to access the environment variables (Application Settings on Azure) I have set up. From all the documentations I have read through and countless hours of Googling, I just can’t get it to work.

So yeah, that is why I am asking. If anyone either knows how to get the environment variables to work I would appreciate any pointers and help, but if not I would just like to know how bad it would be. The only thing I use my Twitch Application for is to check if a streamer is live.

Thanks for any replies in advance!

Very. this is against the developer agreement.

Any oAuth/Bearer token is essentially a Password and should not be released publicly.

Let alone someone can take your oAuth token and clientID and go and burn up your webhook limits or other malicious actions.

Yeah that is what I thought.

Welp, back to the drawing board it is.
Thanks for the reply.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.