If you are working on extensions with more than one person, you may be sharing a Twitch account to create, manage and edit extensions. We generally don’t recommend this approach, as someone unauthorized to your account may put your extension and Twitch users at risk.
Instead, a best practice would be to appoint a Build Lead to be the single contact to build and manage extension properties. At Twitch, multiple developers collaborating on a project typically work with a build lead to set up deploy/review points to ensure consistency and security.
If you still wish to share a Twitch account with 2FA enabled, here are a couple of secure methods your team can use to continue working with multiple release managers:
- Check the “Remember this computer for 30 days” option on the 2FA dialog – We will store a cookie on your machine, which will need to be rotated every 30 days for security. You should log in on any machine managing extensions for the next 30 days. Clearing cookies will remove this verification, so be sure to either whitelist dev.twitch.tv or turn off any automatic cookie removal settings on your browser.
- Use Authy on all devices accessing dev.twitch.tv – Authy is available on mobile devices and desktop computers. If you set up a Twitch account with a common Authy account, multiple developers can use their devices and authenticate using the app without needing to request a token from another developer. See this blog post for more information.
We will continue to improve the experience for teams working with extensions on Twitch Developers. We’ll be sharing more details soon. If you have any questions or need further support, please reply to this thread and our team will respond as soon as they can.
Thanks and happy developing!