Twitch authorize is passing me back a # instead of a?

missionz3r0 · September 16, 2020, 9:43pm

https://id.twitch.tv/oauth2/authorize?client_id=[client_id]&redirect_uri=http://localhost:8080&response_type=token

What I expect to happen is I get redirected to

http://localhost:8080?access_token=[access_token]&scope=&token_type=bearer

however I’m redirected to

http://localhost:8080#access_token=[access_token]&scope=&token_type=bearer

Which causes problems with my router, which ended up looking like

http://localhost:8080/#/access_token=[access_token]&scope=&token_type=bearer

But what I expect is

http://localhost:8080/#/?access_token=[access_token]&scope=&token_type=bearer

Anyone know what I’m doing wrong here?

WLG3R · September 16, 2020, 10:05pm

Implicit always sends with a hash param, type=code sends it as a ? query param. Hash can’t be read by servers, that’s why they send it with a hash, only browsers can read it.

WLG3R · September 16, 2020, 10:07pm

Are you using angular? You can change the routing strategy from hash to location.

I don’t know react or others, but I assume they have similar concepts to change also.

missionz3r0 · September 16, 2020, 10:08pm

Using vue actually. But, thank you. Switching it to code will work just fine for me. Don’t know how I didn’t see that before.

WLG3R · September 16, 2020, 10:10pm

just remember code needs your secret, so you need your backend to convert it to an access token, you can’t put your secret on the front end

missionz3r0 · September 16, 2020, 10:12pm

Gotcha, thanks

system · October 16, 2020, 10:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.