Using generated OAuth token for GET kraken/channel

tverghis · April 22, 2019, 10:21am

I’ve received an OAuth token from twitchapps.com/tmi for my chat bot. I want to retrieve just this bot’s channel ID and display name. However, when I execute:

curl -H 'Accept: application/vnd.twitchtv.v5+json' \
-H 'Client-ID: {client id}' \
-H 'Authorization: OAuth {oauth token}' \
-X GET 'https://api.twitch.tv/kraken/channel'

I get a 401 unauthorized, with the message “missing required oauth scope”.

The docs for that endpoint mention that the required scope is channel_read, but as far as I can recall, I couldn’t specify the scopes using the token generator site.

How do I accomplish this? Do I need to get an access token using the client_credentials flow myself and specify the necessary scopes?

Harieo · April 22, 2019, 11:03am

If you are testing on your own user then you can create your own OAuth link simply to authenticate with yourself (then by extension any other user who is using your system can later on).

The reference is here: https://dev.twitch.tv/docs/authentication/getting-tokens-oauth/#oauth-client-credentials-flow

The scope parameter is the one you will include channel_read in, with the authentication link you create!

tverghis · April 22, 2019, 11:26am

Thanks, I followed the steps for the client credentials flow, and received a response like so:

{"access_token":"{the token}","expires_in":4897518,"scope":["channel_read"],"token_type":"bearer"}

However, when I substitute that token into the Authorization header in my original post, I get the following error:

{"error":"Unauthorized","status":401,"message":"invalid oauth token"}

Hmmm, ok. Maybe this is because it’s a bearer token, and the kraken API wants something else.

Alright, let’s try the Helix endpoint:

curl -H 'Authorization: Bearer {new bearer token}' \
-X GET 'https://api.twitch.tv/helix/users'

Response:

{"error":"Bad Request","status":400,"message":"Must provide an ID, Login or OAuth Token."}

Huh? The docs explicitly say that if neither ID not Login is specified, it will look up the user by the bearer token. Is this incorrect?

All I want to do is to look up the chat bot’s display name and channel ID, given a bearer token (or OAuth token from twitchapps.com/tmi). I do not need to look up any other user’s information. How do I accomplish this?

Thanks!

BarryCarlyon · April 22, 2019, 11:41am

Client Credentials do not represent a user, they represent a server.

You have obtained the wrong type of auth.

You need

Which’ll represent a user

tverghis · April 22, 2019, 11:54am

Ah, gotcha. That worked, thank you.

However, is it at all possible, in any way, to retrieve the bot’s channel ID and display name given the token generated from twitchapps.com/tmi? This is information that the chat bot will already have, and will greatly simplify what I’m trying to do.

Thanks

BarryCarlyon · April 22, 2019, 11:57am

I don’t use the TMI generator for a number of reasons. But the token it returns assuming it’s still valid (since they can expire).

A token created via TMI generator should work via

IF you have user_read scope, which you probably don’t

or

Or preferabbly

You are better off creating and managing your own oAuth flow.

tverghis · April 22, 2019, 8:21pm

Alright, thanks for the resources!

system · May 22, 2019, 8:21pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.