I’m not really sure what to do. I’ve just read the announcement that we need to use Oauth for ALL Helix endpoints. The only endpoint I use is get streams. The docs for that endpoint say that none authentication is needed but at the begging of the page, it says that Documentation will be updated as these requirements go into effect. And if I indeed need Oauth for that endpoint I have no idea which token type I need.
Any advice is welcome.
Thanks in advance.
Any token will work as that API endpoint doesn’t require any scopes.
App Access tokens aka server to server tokens, will generally fit the best. (But don’t use these in front end code)
Threw a uservoice up for your documentation notes
That was super fast, thanks!
I have no server-side code, only client (android app). I’m just showing the list of active streams, no logins, nothing. What do you recommend?
Thanks again!
Personally.
I’d have a central server, that central server would relay/internally cache the requests. (Two android users looking up /twitch being live, you can save a request to the API if you already recently fetched that data for example), then the app wouldn’t need any tokens at all.
Alternatively:
Your Android App, would implement Implicit Auth, which’ll generate a token for you (without needing a server), which would have a nicer expires_at than a regular user token.
Also means that since you know whom the person is, you can personalize a little better. (Show the users profile and/or fetch their follows and show their followed streams first or something)
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.