How do I get a unique token for the state value?

asdfghost_ · April 1, 2016, 8:29pm

I’m new to the Twitch API, and I don’t know how to get an access token to supply the state value as shown here:

https://api.twitch.tv/kraken/oauth2/authorize
        ?response_type=code
        &client_id=[your client ID]
        &redirect_uri=[your registered redirect URI]
        &scope=[space separated list of scopes]
        &state=[your provided unique token]

I get a 404 error when being redirected the redirect URI.

I tried following steps 1-3 under Authorization Code Flow on the Authentication page leaving state blank. After doing step 2, I copied the code from the URL after getting error 404 again. Then, I filled in the request URL placeholders except for state (which I trying to get) in step 3, attempted to access it,

https://api.twitch.tv/kraken/oauth2/token?
    client_id=[your client ID]
    &client_secret=[your client secret]
    &grant_type=authorization_code
    &redirect_uri=[your registered redirect URI]
    &code=[code received from redirect URI]
    &state=[your provided unique token]

and I ended up with another 404 error in JSON form instead of the response shown in the documentation.

{
   "access_token": "[user access token]",
   "scope":[array of requested scopes]
}

How am I supposed to avoid getting the 404 error if I cannot obtain a token, and how do I even get the token?!

BarryCarlyon · April 2, 2016, 10:56am

The state is completely optional. It can be used to send data to Twitch which Twitch then passes back to your on authentication…

To auth:

Send the user to
https://api.twitch.tv/kraken/oauth2/authorize ?response_type=code &client_id=[your client ID] &redirect_uri=[your registered redirect URI] &scope=[space separated list of scopes]

swapping [your client ID] for your Client ID, [your registered redirect URI] for your Registered Redirect URI, and [space separated list of scopes] for the scopes you need

User accepts the auth and gets redirected to [your registered redirect URI] THEN software on your URI grabs the [CODE] from the GET parameters and makes a POST request to exchange the [CODE] for an [user access token]

You are getting a 404 because you are getting not posting.

client_id=[your client ID] &client_secret=[your client secret] &grant_type=authorization_code &redirect_uri=[your registered redirect URI] &code=[code received from redirect URI] &state=[your provided unique token]

Is supposed to be in the POST body, you are GET’ing it instead.

asdfghost_ · April 4, 2016, 4:16pm

Okay, then how do I make this POST request in the body—with a form?

IllusionaryOne · April 4, 2016, 8:12pm

In short, yes, capture the data you want from your user via a form and then call the API with the data captured on the form as parameters. You will then also need to create a redirect (or callback) page that Twitch will call and pass data back to that you then display to yourself (or your users, or whomever your target audience is).

Although, really there isn’t much your user should have to enter unless you need them to register their own client_id and input it manually onto a form.

From reading your original post, I am wondering, did you obtain a Client ID? If not, you can generate one from your Twitch > Settings > Connections configuration. You will need to provide a URL that Twitch will call back to in order to provide the access token.

system · May 4, 2016, 8:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.