I want to use IGDB to make some basic queries to get list of games, publishers, etc and not any specific twitch content. Following their doc on authentication I am making a simple call to /token from my server and I am getting the token correctly. However, this token does not come with a refresh_token given that it is intended for server to server only. If I want to reuse said token for a given user, I would have wanted to store it in their cookies and refetch a new token once the first one has expired.
Looking into the general twitch doc, I figure out that I needed to get the user to authorize my app however the app itself doesn’t need any of their twitch user data, which then seems overkill (and with the app I am building, very inconvenient) to have user grant access.
Is there something I am missing? A way to make multiple call with the same token without needing the user to give my app permission to read their data since I do not need their data?
IE: the front end doesn’t directly call IGDB.
Your front end calls your backend and the backend proxies the request to IGDB
Right, that’s what I was doing currently. So my newbie question then is: where can I store this app token on the server (should I even?). Do I end up always calling the auth endpoint before making the data query or do I store the token in the DB? Somewhere else? Thanks a lot!