I am passing the
user_read scope to
/oauth2/authorize, and the scope is provided to the callback URL after authorization by the user.
But when retrieving an OAuth token, the scope array is empty, and I cannot use the returned token to read the user information. A call to
https://api.twitch.tv/kraken shows no scopes either.
On the other hand, this works with the implicit authorization flow.
- Create an application.
- Use the code flow to request auth with no scopes.
- Request auth with different scopes e.g.
- No scopes are returned with the OAuth key.
- Delete the app from your Connections: https://www.twitch.tv/settings/connections
- Request auth with
- OAuth key has correct scopes.
It seems that the scopes get “frozen” after auth is requested once, and the user has to delete the app connection to request more scopes.
Since my application originally requested no scopes, I could not request the
user_read scope. After deleting the app from my connections, it works.