Invalid OAuth token error

rouq1567 · May 6, 2021, 7:16am

I tried to test the API, but every time I send an import request, I return an error of 401. I don’t know where it went wrong.

{error: “Unauthorized”, status: 401, message: “Invalid OAuth token”}

axios.create({
baseURL: 'https://api.twitch.tv/helix',
timeout: 6000,
headers:{
    'Client-ID':'id',
    'Authorization':'Bearer <access token>'
}

I got oauth token by referring to this.

GET ‘https://id.twitch.tv/oauth2/authorize?response_type=code&client_id=uo6dggojyb8d6soh92zknwmi5ej1q2&redirect_uri=http://localhost&scope=viewing_activity_read&state=c3ab8aa609ea11e793ae92361f002671’

Dist · May 6, 2021, 7:54am

Once you get the code from that auth flow, do you follow the the rest of the require steps explained in the documentation to exchange that code for an Access Token? https://dev.twitch.tv/docs/authentication/getting-tokens-oauth#oauth-authorization-code-flow

rouq1567 · May 6, 2021, 8:23am

Yes, I changed the client_id part to my client ID and got an access token. I did it the same way two months ago, but there was no problem then.

BarryCarlyon · May 6, 2021, 10:04am

Did you exchange the returned ?code for an access token as per step 3?

3) On your server, get an access token by making this request:

POST https://id.twitch.tv/oauth2/token
    ?client_id=<your client ID>
    &client_secret=<your client secret>
    &code=<authorization code received above>
    &grant_type=authorization_code
    &redirect_uri=<your registered redirect URI>
Here is a sample request:

POST https://id.twitch.tv/oauth2/token
    ?client_id=uo6dggojyb8d6soh92zknwmi5ej1q2
    &client_secret=nyo51xcdrerl8z9m56w9w6wg
    &code=394a8bc98028f39660e53025de824134fb46313
    &grant_type=authorization_code
    &redirect_uri=http://localhost

On the docs Dist Linked?

rouq1567 · May 6, 2021, 11:06am

Aha, I haven’t done phase three so far. Thanks to you, you received a refresh token and an access token! But the status is still 401, what should I do to use the API freely?

BarryCarlyon · May 6, 2021, 11:08am

Whats the body message attached to the 401?

rouq1567 · May 6, 2021, 11:13am

Here’s what the message is about.

{
    "status": 400,
    "message": "Invalid authorization code"
}

Is it possible to request a request only once? I sent the request several times because I didn’t know well.

BarryCarlyon · May 6, 2021, 11:14am

That suggests you tried to reuse the ?code to get an access token.

A ?code can only be exchanged for an access token once.

rouq1567 · May 6, 2021, 11:36am

Fortunately, I sent the request from the beginning and received the token in the form of JSON. By the way, how can I use the API using the token I received now?
The status of 401 is the result of the api requested by axios.get().

Below is the response I received after running step 3.

{
    "access_token": "access_token",
    "expires_in": 14376,
    "refresh_token": "refresh_token",
    "scope": [
        "viewing_activity_read"
    ],
    "token_type": "bearer"
}

BarryCarlyon · May 6, 2021, 11:42am

You have already posted the answer:

Step 3 you exchange the ?code for a token.
Then you take the token from the JSON blob and use that in API requests

rouq1567 · May 6, 2021, 12:13pm

I put in the access token and it works well. I think I know what the problem was now. I think it was because I didn’t go through the middle stage. Thank you!

system · June 5, 2021, 12:14pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.