Have a chat/whisper bot? Let us know!

In the last few years, we have had a lot of users create chat bots that do all sorts of things ranging from moderation to loyalty points. We will attempt to keep bots in the mix while making decisions about how our product should act, especially in terms of rate limits, and preventing malicious actors.

We often do not have a full picture of what the developer landscape looks like, and are requesting that you help provide us with that information. If you notice your messages from a bot account not going through for example, it may be that we detected it as a spam bot, and are blocking it’s messages because we’re not aware of it’s purpose.

In order to make better decisions about how to identify and allow for non-malicious bots, we’re asking you to add any and all bots to a form. This will do several things:

  • Increases number of unique recipients of whispers
  • Increases burst capacity of sending whispers (ie per second and per minute max)
  • Increases chat rate limit from 20 to 50 in a 30 second window.
  • Small tweaks to various filters where they apply to automated chat messages (ie spam filtering)

Most importantly, this helps us identify your bot accounts, so we can better service you guys when making decisions.

Obviously there is a risk to doing this, if your bot account was compromised in some way. In order to qualify for this change, you must enable two factor authentication on the bot’s account.

We will review these to ensure that malicious actors are not abusing it. Based on feedback and usage, we’ll be moving this to the developer portal as a self-service and more nuanced product, but we’d like to kick start it this way to get off the ground. To check if an account is marked as a bot, please refer to the is_known_bot and is_verified_bot fields in https://api.twitch.tv/kraken/users/39141793/chat?api_version=5 (replacing the user_id field appropriately), but we expect to look at this in a (roughly) weekly cadence.

If you have any questions, please note them below, and I will update accordingly.

Link to application

17 Likes

I remember having the issue of being flagged for high sending a while ago, and submitted my bot for something (?). It seems to be sorted (though I still fins some users saying that the message/account is suspicious).

My question/point is, if we have already gone through that, do we need to do it again to make sure that all is well?

@ka13b Please resubmit through this form. We did add a lot of accounts during that time, but the process wasn’t scalable, and had some trust steps that we removed in this iteration (ie requiring two factor authentication).

We still have the list of accounts we verified, but without checking everyone to see if you got verified, it’s easier to redo it here. Worst case is you get added twice (noop)

1 Like

Yeah, always best to play it safe. All done. Thanks for the affirmation

Not sure if you’re able to spill the beans on this, but if the bot is subbed to a streamer using one of a streamer’s permanent subs does that at all qualify the bot for increase sending rates?

I haven’t had any issues with the bot I develop, just kind of wondering.

It will grant you access to anything that affects subs, but any “is this a bot” logic flow will be treated the same.

If you have a bot you are developing, please add it here to avoid erroneous behavior regardless if you are experiencing it now or not.

I think I told you the bot’s name, etc. last time you posed a question like this. Regardless, I will add it anyways.

Thanks.

1 Like

Will this be something that we eventually see in the Kraken API /users/?

{
  display_name: "MyBotAccount",
  _id: "00000000",
  name: "mybotaccount",
  type: "bot"
}
2 Likes

How do I get the user ID the form is asking for? The login is obviously the name I’ve given my bot.

@Ruehrfisch,

Request

https://api.twitch.tv/kraken/users?login=coebot

Response

{
  "_total": 1,
  "users": [
    {
      "display_name": "CoeBot",
      "_id": "55056264",
      "name": "coebot",
      "type": "user",
      "bio": null,
      "created_at": "2014-01-15T22:07:49.748686Z",
      "updated_at": "2017-06-08T12:31:56.740546Z",
      "logo": "https://static-cdn.jtvnw.net/jtv_user_pictures/coebot-profile_image-e68fe64abfff84d9-300x300.jpeg"
    }
  ]
}

If we are using two accounts for the bot (botName and botNameTV for example) do we specify them both in one form, or do we submit twice a form?

@breon,

I’ve never worked with any API but willing to learn.
I just copy&pasted the API-address into my browser and switched the name of the bot to my bot’s name. Everything I get is

{“error”:“Bad Request”,“status”:400,“message”:“No client id specified”}

What am I doing wrong?

All API calls need to include your client-id for your app. If you don’t have a client-id read the docs on getting started https://dev.twitch.tv/docs/v5/guides/using-the-twitch-api/

Please submit all bots. If you are using two, please submit two.

What about ones like Ankhbot? There are probably hundreds of customized “bots” using oauth tokens instead of just one big bot like Nightbot. I made one similar to Ankhbot for a few things and it requires the broadcaster to put the oauth token in, so I have no idea how many different accounts that bot is current running as.

@firynth As we (as far as I am aware) are not aware of those usernames, anyone using that product would need to submit their bot’s name. I’m more than happy to investigate if their bot’s are clustered around a particular client_id.

I am hesitant to bulk grant additional privileges to accounts that are not using two factor authentication.

1 Like

Give an request day ago, where do I get the answer, and will I receive it at all?

I’ve added the users that have two factor auth enabled so far.

Reminder: Please have two factor auth enabled!

I’m developing a bot that allows users to create their own bot account to act as the display name in their channel. All authenticated accounts for the bot program go through a single Dev App with a client_id.

I assume that currently because we are submitting an account, that only that account has these new bot rate limits.

Does this mean though that in the future all accounts under a client id will have these bot rate limits?

Both my own account (with the Dev App), and my bot account, are behind 2FA.