Oauth token, return 401 error

GET OAUTH
https://api.twitch.tv/kraken/oauth2/authorize?client_id=CLIENTID&redirect_uri=http://mysite.ru/auth/&response_type=code&scope=user_read+channel_subscriptions&state=c3ab8aa609ea11e793ae92361f002671'

https://api.twitch.tv/kraken/?oauth_token= | return true oauth code

CODE:
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, “https://api.twitch.tv/kraken/channel”);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: OAuth '.$code));
curl_setopt($ch, CURLOPT_HTTPHEADER, array( ‘Accept: application/vnd.twitchtv.v5+json’));
curl_setopt($ch, CURLOPT_HTTPHEADER, array( ‘Content-Type: application/json’));
curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Client-ID: '.$clientid));
$response = curl_exec($ch);
curl_close($ch);
echo $response;

My code return error
{"error":"Unauthorized","status":401,"message":"authentication failed"}

If you make a transition directly from a browser then all works
https://api.twitch.tv/kraken/channel?client_id=".$clientid."&oauth_token=".$code

After doing the authorize call, you are returned to your server.

You must then take the code passed and exchange to code for a token.

Then you must use the token as OAuth in the requests.

Further more your PHP is wrong try this:

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Authorization: OAuth '.$code,
    ‘Accept: application/vnd.twitchtv.v5+json’,
    ‘Content-Type: application/json’,
    'Client-ID: '.$clientid
));

You were only setting ONE header containing the clientID. The first three are overwritten

But I’m getting a token already, and it work when used from a browser

If I try in the address bar to pass the clientid and oauth, I get the response from twitch

okay, need use it? https://api.twitch.tv/kraken/oauth2/token
?client_id=
&client_secret=
&code=
&grant_type=authorization_code
&redirect_uri=

You didn’t include this step in your code, so I reiterated it.

The problem is your PHP code not sending headers correctly.

See my corrective code

Thanks, i change code
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, “https://api.twitch.tv/kraken/channel”);
curl_setopt($ch,CURLOPT_CERTINFO, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: OAuth '.$code,
‘Accept: application/vnd.twitchtv.v5+json’,
‘Content-Type: application/json’,
'Client-ID: '.$clientid
));
$response = curl_exec($ch);
curl_close($ch);

Returns an error
{“error”:“Unauthorized”,“status”:401,“message”:“authentication failed”}

But if you go to the direct link I get the answer
https://api.twitch.tv/kraken/channel?client_id=".$clientid."&oauth_token=”.$code

I get the code for php
OAuth Authorization Code Flow
https://api.twitch.tv/kraken/oauth2/authorize?client_id=".$clientid."&redirect_uri=http://mysite.ru/auth/&response_type=code&scope=user_read+channel_subscriptions&state=c3ab8aa609ea11e793ae92361f002671’;

/kraken/channel needs channel_read, not user_read.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.