So I have no idea where I’m failing, but I do remember V5 making this a lot simpler.
I’ve registered an app. I’ve copied the client id, and I send the user (me) to the following URL:
https://id.twitch.tv/oauth2/authorize?client_id=cid&redirect_uri=http://localhost:8080/oauth&response_type=code&scope=user:read:follows
The user/me successfully logs in, and is redirecetd to my localhost page:
http://localhost:8080/oauth?code=TOKEN&scope=user%3Aread%3Afollows
I copy paste the thing into cURL (just to avoid any client side coding erorrs).
curl --location --request GET 'https://api.twitch.tv/helix/following' \
--header 'Authorization: Bearer TOKEN' \
--header 'Client-Id: cid'
Both the client ID and the token are mocked in the question, but not in the query, for clarity. I’ve generated hundreds of token since, and I’m slowly losing my mind, since SOME token is getting generated, but apparently a non existing one. I’ve read through a bunch of questions on here, and they all seemed to just be doing something wrong, and never even got the token, or failed at some point when it came to scopes. I’ve double checked, and I am not seeing any issue with my client id, my redirect, or my scopes. But I am not getting the correct token at all.