[SOLVED] Can't Set Extension Required Configuration


I am trying to make an extension that requires configuration, I have set the “Required Configurations” field in Extensions Capabilities (current value is: this_is_a_test)…

In my config javascript file, in the onAuthorized event, I send the auth.token to my EBS, which I can confirm that I receive succesfully. When the user click on “Submit” in the config.html, I send an AJAX request to my EBS and I have to send the PUT request https://dev.twitch.tv/docs/extensions/reference#set-extension-required-configuration … but this is where I am stuck. It looks like I can’t sign the JWT token properly, I am using https://github.com/auth0/node-jsonwebtoken to sign it, this is my code to sign the token:

    "exp": Math.floor(Date.now() / 1000) + (60 * 60),
    "user_id": payload.user_id,
    "role": "external"
}, "my-secret-key");

FYI: I did console.log(payload) and console.log(payload.user_id) to make sure it is a valid payload and user_id.

It returns a signed token and when I try to send it in the header, I get {“code”:401,“status”:“authentication failed”}

I modified a little bit my code (changed client ID, secret, etc…):

const signed = jwt.sign({
    "exp": Math.floor(Date.now() / 1000) + (60 * 60),
    "user_id": payload.user_id,
    "role": "external"
}, "sOmESecReT=");

    url: "https://api.twitch.tv/extensions/s0m3cl1entid/0.0.1/oauth_receipt?channel_id=" + payload.channel_id,
    method: "PUT",
    headers: {
        "Authorization": "Bearer " + signed,
        "Client-Id": "s0m3cl1enTid"
    json: {
        "required_configuration": "this_is_a_test"
}, function(err, res) {
    console.log(err, res.body);

Anyone know what I am missing here ? I even tested with Postman and still no luck. I can confirm that I can decode my signed token using jwt.decode.


I think you need to use the user_id of the extension owner (your own one, as string). Also did you base64 decode the secret you get from the extension page? For me authentication only worked after decoding it and signing using the decoded key, though I am not using node.js so I can’t help you on how to do that, check the readme of your jwt library.

I just tried with:

new Buffer(“sOmESecReT=”).toString()
new Buffer(“sOmESecReT=”).toString(“utf8”)
new Buffer(“sOmESecReT=”).toString(“base64”)

Still no luck, as for the user_id, thanks for pointing this out. At the moment, the user_id is mine as I am testing locally with my Twitch account :slight_smile:

I read the whole JWT library docs and can’t seem to find the reason why it’s not working :frowning:

I quickly looked at the readme, try passing new Buffer('extension_SecReT=', 'base64') as secret. It doesn’t say anywhere on the sign doc, but on the verify doc https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback

Still no luck :confused: I just tried to generate a new secret, still doesn’t work with and without base64 decode

You have the wrong type on your user_id needs to be a string not a numeric/integer.
Try this:

var secret = Buffer.from('sOmESecReT=', 'base64');

var tokenPayload = {
    exp: Math.floor(new Date().getTime() / 1000) + 60,
    channel_id: ''+channel_id,
    role: 'external',

    pubsub_perms: {
        send: [

let signedJwt = jwt.sign(tokenPayload, secret);

base64decode the secret before use.
And cast the user_id and/or channel ID’s to strings not numerics. Note the explicit ''+channel_id in my example.

Above is a snippet from my pubsub sender as apposed to the oauth_receipt which I have not tested with.

1 Like

I think the mistake was with the way I was decoding the secret, I tried with new Buffer.from(“sOmESecReT=”, “base64”); instead of new Buffer(“sOmESecReT=”).toString(“base64”) and now I have a new error (that I will be able to fix): The broadcaster has not tried to activate this extension

So I guess this solved the issue, thank you <3

1 Like

Hah, yeah now I look properly you were encoding it instead of decoding it…

Actually, what would cause “The broadcaster has not tried to activate this extension” response? I thought this endpoint was to enable the activation of the extension, of course the broadcasted has not tried to activate the extension yet! :laughing: … Anyone can explain ? Maybe I should create another topic for this actually.

A broadcaster will install an extension.

Then a broadcaster will activate it into a panel/overlay slot.

When installed, the caster has access to the configuration panels

Oh okay, so I got the wrong endpoint then? At the moment, when you install the extension, you HAVE to configure it first as it says “Needs Configuration” instead of “Activate” (That is what I want). Once the broadcaster sends the configuration, I am sending the PUT request to enable the activation, so that the broadcaster can go back and instead of seeing “Needs Configuration”, he would see the “Activate” button.

You got it!

See also my notes on this thread:

That might help steps wise!

Okay, that is exactly what I am doing, but why a “The broadcaster has not tried to activate this extension” response ? I’m confused :laughing:

You are trying to put a oauth_receipt instead of a required_configuration

My notes link put to required_configuration

1 Like

Hahaha I guess I need some sleep :laughing: Yes I was using oauth_receipt instead of required_configuration, thanks again @BarryCarlyon

Hehe. I can only offer coffee… I’m fresh out of sleep