Client-ID Requirement FAQs

Hey guys, I’m a total noobs regarding this (sorry for that), but I have a question. I brought a Wordpress Theme ( and I keep getting the 400 Error. The Theme tries to get the Stream Name, Game and Profile pic. Is there anything i can add to the php files in Wordpress to get it working again? It worked perfectly a few hours ago :confused:

Sorry to bother you with my inexperience.


Hey, @MarcelPetzold!

You’ll need to add a Client-ID to the request. Get a Client-ID by registering a Developer Application here: On your index page, I see that there are multiple $.ajax calls to the API starting on line 210. You need to change them all to add the header. You can see the jQuery example in the blog post.

1 Like

This was extremely helpful. Thanks!

Thanks a lot for the reply! Sorry to bother you guys again. I have like no coding skills at all. :confused: I’ve got my Client-ID and changed it in the example. I just dont know on what exact point I need to paste the code. :smiley:

@MarcelPetzold If you’ve purchased the theme I’m sure the one you purchased it from should be able to assist you with this. They would need to update their theme nonetheless.

Would I be dumb for just leaving the client-ID in my source code for everyone to see? Or should I require everyone to get their own client ID and make my program use that specific ID for requests? What could happen if someones uses my client-ID incorrectly?

Client-Id is public, client secret is private. You don’t need to protect the client id.

If you are passing in an OAuth token, we will figure out the Client-ID for you.


{"error":"Bad Request","message":"No client id specified","status":400}

Did you check if your token is valid? I use the same method and mine works fine… I set it up today.

Can confirm, but only for /streams and /streams/:channel.

yes, other requests with token work, except this one

Isn’t the Client-ID meaningless if its public? People could hijack somebody elses Client-ID and get it banned, no?

@hlcws Not meaningless. At its core, it is a tracking mechanism. It allows us to identify and find any offending applications, contact them, see if there is abuse (or an accidentally shipped bug, which happened about a month ago), and help the application get into a good state. It isn’t meant to be something we track and immediately swing the banhammer the minute you start hammering the APIs. It is a point of data used to inform our research and outreach.

Isn’t the Client-ID meaningless if its public? People could hijack somebody elses Client-ID and get it banned, no?

I guess @hlcws meant that anybody could use any valid clientID in his hands to make api calls with this clientID in header, lets say an Android app runs without any authentication some api calls clientsided with an 3rd party clientID in header.
this 3rd party clientID can not be protected from this kind of abuse, and i guerss thats what @hlcws is pointing at.

That’s how I read it, too and how I framed my response. Specifically the part about seeing if there is abuse. If we see an instance of abuse, we can work with the developer to identify and move forward. The alternative here is that we require an OAuth token for every API call. If it becomes a problem, we will work toward addressing it.

1 Like

im trying stream from my elgato capture card; but i get “{“error”:“Bad Request”,“status”:400,“message”:“No client id specified”}” when i try to link my account to twitch via elgato application


Then you will need to follow this guide to get your Client ID and include it in your request.

I don’t know how Elgato CC’s work so it may be something you can do or for them to update and push.

ok thanks; didnt work cuz i cant input the client id; so elgato will have to do an update

Thanks, i asked him, but he doesn’t reply :disappointed:

Can any of you guys help me? @DallasNChains maybe? I have added an app and created a client ID. I just don’t know where to paste the Code. I already tried everything. Header, API section and stuff…i can attatch screenshots if that’d help.

I would really appreciate help from you guys, because seeing “400” as an title is kind of annoying :smiley:


I’m wondering, do i really need to pass a client-id when using browser? Because, you know, I’m already logged in to my twitch account… And it’s not very comfortable to manually copy my client-id and add “?client-id=blabla” every time.

Anyway, is there a way to make my browser automatically send a client-id as a header when accessing api?