Get user_id from OAuth token?

MasterTimeThief · October 29, 2021, 3:10am

So, my current flow is that I have the user authenticate, and it redirects me to “website.com?/#access_token=1234567890ABCDEF”. I want to be able to use the user’s ID at this site, so can I either:

A) Use the OAuth token to get back the broadcaster its tied to? (Probably not a secure idea, but I’ll still ask)
B) Have the site pass an additional parameter that is just the user ID?

I know there’s a parameter called “state” that I can specify. If I read the doc correctly, the idea is to give it some token that I made, and then have it get sent back as a security precaution. Would it be possible to use the user ID for that, or at least embed it in “state” without it being a security problem?

BarryCarlyon · October 29, 2021, 9:53am

This is implicity auth

To get the user ID extract the access token from the URL hash

and pass the Token to the get users API, and this will return the user for that token, here is that example

https://barrycarlyon.github.io/twitch_misc/authentication/implicit_auth/

This is the correct method, and literally the purpose of oAuth

You don’t have the user ID. So how do you pass an additional parameter with the user ID in?

Same problem you don’t have the user ID in order to put it in state.

system · November 28, 2021, 9:53am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.