I’ve been able to allow users to authorize my application on the frontend. I am also able to generate an access token for a given user. However, when I try to fetch the information for the current user (as described here), the API returns a 400 with the message “Must provide an ID, Login or OAuth Token”.
I’m aware of the change from Authorization: OAuth ... to Authorization: Bearer ..., and as such my headers look like this:
Using these headers and a GET request to https://api.twitch.tv/helix/users, I am returned the 400 error described above.
I’m using the scope user:read:email.
I’m fetching the access tokens via https://api.twitch.tv/kraken/oauth2/token. I didn’t see any documentation for a newer helix token endpoint, but I thought I’d mention this.
For additional information, here’s the exact code I’m using (Ruby)
def get_data
response = HTTParty.get('https://api.twitch.tv/helix/users', headers: {
'Client-ID' => @client_id,
'Authorization' => "Bearer #{@access_token}" # @access_token and @client_id are confirmed to have the correct data
})
response.body
end
Kraken and Helix do use the same types of tokens, however the scopes are non-transferable. Make sure that you actually requested user:read:email and not a Kraken scope.
Honestly, I’m not sure how to tell. I’m getting the access token by POSTing my client_id, client_secret, grant_type (client_credentials), and scope (user:read:email) to https://api.twitch.tv/kraken/oauth2/token.
Finally, I take the given access_token and pass it on to the function described above. Does that sound correct? And my Client-ID header should be correct, since it’s the same ID that I pass to get my token.
Ah, that would be it. Since you are making a request on behalf of a user, you have to provide a user access token. Right now the only endpoint that accepts an access token is the /entitlements/uploadendpoint.