I’m playing with the Twitch API, i’ve created an application on the dev console, go my Client ID, and generated a Client secret.
I’ve deployed my app, it’s requesting an app token with the POST /oauth2/token?client_id=${twitchClientId}&client_secret=${twitchClientSecret}&grant_type=client_credentials, which works perfectly well.
But, after some time - today it seemed to have been half a day or something like that - my request will suddenly fail with the error Invalid client secret. If i go to the dev console and re-generate a secret, the app now works again.
Am i missing something ? Maybe a rate-limit, or an expiry policy ?
The only way a Client Secret expires/becomes invalid, is if someone with access to that CleintID hits “generate new secret” like you just did to get your new secret.
So sounds like you accidentally did this invalidating your secret.
Only you have access to the clientID (unless the cleint belongs to an organistation then I’m not sure as I’m not in any orgs)
Im positive I haven’t done the « generate new secret » before the token was already not working anymore, and it happened more than once. I’m not ruling out user error yet tho especially since there’s not other « logical » reason for this to happen.
I’ll post a trace tomorrow wii the content of the request maybe there’s hidden info !
especially since there’s not other « logical » reason for this to happen.