Invalid OAuth token

API
1

I am having trouble requesting user data.
{‘error’: ‘Unauthorized’, ‘status’: 401, ‘message’: ‘Invalid OAuth token’}

Steps to reproduce:

  1. Register application:
    https://dev.twitch.tv/console

  2. Get a app access token
    https://dev.twitch.tv/docs/authentication/getting-tokens-oauth#oauth-client-credentials-flow
    with these parameters:
    “client_id”: myid,
    “client_secret”: mysecret,
    “grant_type”: “client_credentials”,
    “scope”: (" ".join(scope))

  3. Request userdata via login name
    https://dev.twitch.tv/docs/api/reference#get-users
    with parameters:
    “login”: login
    with headers:
    “Client-ID”: myid,
    “Authorization”: Bearer myappaccesstoken

  4. Print token in json format for debugging
    {‘error’: ‘Unauthorized’, ‘status’: 401, ‘message’: ‘Invalid OAuth token’}

Thanks in advance!

2

For 3 what was the actual URL you called.

It’s unclear from what you wrote if you did

https://api.twitch.tv/helix/users?login=barrycarlyon

or something else

As your entire flow is correct it’s just unclear what you actually called

3

https://api.twitch.tv/helix/users

and concatenating the login parameter via HTTP library
https://2.python-requests.org/en/master/user/quickstart/#make-a-request

4

So what is the actual URL you are calling?

Is your code doing

r = requests.get('https://api.twitch.tv/helix/users?login=foo')

or something else?

Your error suggests that the login is not being passed correctly and as a result the oAuth token is being used to look up the user, but the token doesn’t have a user, hence the error

5

Here is a code snippet from function

this is defined
self.url = https://api.twitch.tv/helix

get_userdata_by_login(self, login)

value = HTTPManager.request(

                method="GET",

                url=self.url + "/users",

                params={"login": login},

                headers={

                    "Client-ID": self.client_auth.client_id,

                    "Authorization": f"{self.authorization_prefix} {self.access_token_manager.access_token}"

                }
).json()

which calls:

requests.session.request(

                method=method,

                url=url,

                params=params,

                headers=headers,

                json=json,

                timeout=HTTPManager.timeout
)
6

is authorization_prefix Bearer or bearer as bearer won’t work

7

self.authorization_prefix = “Bearer”

8

I don’t see anything else obvious, assuming this code generates the URL we think it does.

So we’d have to debug to make sure it’s constructing the URL we think it is.

Which brings us back to the first question

What did the code generate to call?

And, did it construct the header as expected?

9

The url has login name of my application name:
https://api.twitch.tv/helix/users?login=oesbot

The issue seems to between getting the token and then using it.

I get an access token
{‘access_token’: ‘REMOVED’, ‘expires_in’: 5327322, ‘token_type’: ‘bearer’}
but after that the access token isn’t passed to the twitch api request
{‘Client-ID’: myid, ‘Authorization’: ‘Bearer None’}

10

Removed your access token, they should never be posted publicly

So the fault is in your code somewhere since it doesn’t have access to the token?

11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.