Invalid client when trying to get oauth token ( for application)

elijahlucian · October 6, 2020, 2:01am

I’m trying to get the oauth so i can use my application (chatbot) with tmi.js. I copy pasted the client_id right from the developer dashboard

just like it says. I am sending a POST to
https://id.twitch.tv/oauth2/token?client_id=${client_id}?client_secret=${client_secret}&grant_type=client_credentials

and i get:

{
    "status": 400,
    "message": "invalid client"
}

for my trouble

Dist · October 6, 2020, 8:07am

You can’t use an App Access token to connect to Twitch Chat, so even if you got a token you wouldn’t be able to use it with tmi.js

You need to use a User Access Token, ideally from the Auth Code flow as that can be refreshed, as that will represent a user, and with appropriate scopes allow you to connect to chat.

elijahlucian · October 7, 2020, 12:06am

is there not some simple way to get an oauth token for my chatbot?

I don’t understand this auth flow.

example, if i want my oauth token for discord I just got to https://discord.com/developers/applications/

and grab it there… this seems overly complicated

Dist · October 7, 2020, 12:31am

If you want to connect to chat as a user, you need a user to go through the OAuth process to grant you a token that lets you log in to chat as them.

There is no way to avoid that. Discord has specific ‘bot’ accounts that you connect as, on Twitch though all bots are actual user accounts on Twitch, so if you want your bot to be called ‘MyBot’, you would need to create that account on Twitch and go through the OAuth process of your app while logged into Twitch as that.

If you only need to read chat you can connect with the username justinfan1234, and an empty string "" as a password, so you wont need any OAuth token for that, but because it’s not a user you can’t send any messages.

elijahlucian · October 7, 2020, 12:34am

what is this application for then? Is this not a chatbot? I am very confused here.

what is the application of type chatbot to be used for?

Dist · October 7, 2020, 12:40am

The category selection is just used by Twitch for tracking applications on their side. What you select doesn’t impact what your app can do.

elijahlucian · October 7, 2020, 12:50am

i see. so the auth flow is just for automating my token creation, like re-authenticating a JWT… except it seems like 100x more complicated.

where does one obtain their twitch user client and secret exactly?

Dist · October 7, 2020, 12:59am

The Client ID, Client Secret, and the Redirect URI that you need to set, are all done through the Developer Console when you select your app.

The Auth Code Flow isn’t a complicated process, it’s a standard used by many companies/services.

Send the user to the auth URL at Twitch.
If the user accepts the connection to your app they are redirected to your Redirect URL with a code in the querystring
your server listening on that Redirect URL (or if it’s a 1 off thing, you can do it without a server and just copy the code out of the browser URL bar and finish the process manually) can exchange that code for an Access Token and Refresh Token pair.
The token lasts ~4 hours, so you’ll need to periodically refresh it as specified in the docs (this process can be automated, and doesn’t require user intervention)

system · November 6, 2020, 12:59am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.