Open ID & Oauth flow for desktop applications

I want to develop a desktop app that enables Twitch login.
I have found two main issues:

  • If I don’t want to run a web server on the client machine, reading the documentation, seems that the Twitch oauth does not support Oauth2 device flow
  • Even if I spawn a local server, the Twitch developer console does not allow me to specify localhost with a generic port as Github is doing. I can’t pretend that the client will have a specific port available while running the application.

Can someone share with me their experience on the topic?

Thanks

I run a server.

  • Send people to id.Twitch
  • They come back to my server
  • JS on that page grabs the token
  • JS redirects to a custom protocol://token
  • Desktop app captures the token

Same server also handles my download links/app assets.

But concievable the JS could run on a GitHub pages page if you wanted to have no server of your own.

1 Like

Hello Barry, thanks for the quick answer.
If I understood correctly your server (this approach requires anyway a public reachable server) is then redirecting to a deep link of your app://

Thanks

Correct

“Custom Protocol” and “deep link” being interchangable labels for the same thing, yeah

1 Like

Barry, thanks for the support.
I will evaluate this option! I hope that in the future Twitch will align their implementation to the oauth standards :sweat_smile:

Cheers

Most welcome!

I’ve seen a uservoice floating around for PKCE/other oAuth options so worth taking a trip over to uservoice to create of update an existing suggestion https://twitch.uservoice.com/forums/310213-developers

1 Like

That’s very cool!

I will for sure look into that and share some ideas!

Thanks

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.