Home DevelopersExamples & updates Generate Twitch auth tokens

Generate Twitch auth tokens

by BlushyFace

An example how to generate Twitch access tokens automatically with custom scopes. The example requires BlushyFace.Twitch.Authentication and BlushyFace.Common.HTTP to run a local HTTP server.

using System.Collections.Specialized;
using BlushyFace.Common.HTTP;
using BlushyFace.Config;
using BlushyFace.Twitch.API.Auth;
using BlushyFace.Twitch.API.Auth.ResponseObjects;
using Newtonsoft.Json;

namespace BlushyFace.Examples
    public static class AuthDemo
        public static Settings Settings = new Settings(); // auto loads settings from settings file.
        public static Server HTTPServer = new BlushyFace.Common.HTTP.Server(new[] { "http://+:8081/" });
        private static TokenResponse _token;
        private static readonly OAuth _auth = new OAuth();

        public static async void Run()
            HTTPServer.OnResponse += HttpServer_OnResponse; // listens to redirect uri events

            // opens a browser or tab when a browser is open to the Twitch auth page.
            // After the user authenticates themselves it redirects with the redirect url with a token / exchange code for further processing.
            OAuth.OpenBrowserImplicit(Settings.ClientId, Settings.RedirectUrl, "channel_read+bits:read+channel:read:subscriptions");
            OAuth.OpenBrowserAuthorization(Settings.ClientId, Settings.RedirectUrl, "channel_read+bits:read+channel:read:subscriptions+moderation:read+user:edit:broadcast");

            // generate, validate, refresh and revoke a token manually
            var clientCredentials = await _auth.GenerateClientCredentialsFlowAsync(Settings.ClientId, Settings.ClientSecret, "channel_read");
            _token = await _auth.GenerateAuthorizationCodeFlowTokenAsync(Settings.ClientId, Settings.ClientSecret, Settings.RedirectUrl, "...", OAuth.GenerateState(), true);

            var validateToken = await _auth.ValidateTokenAsync(_token.AccessToken);
            var refreshToken = await _auth.RefreshTokenAsync(Settings.ClientId, Settings.ClientSecret, _token.RefreshToken);
            var revokeToken = await _auth.RevokeTokenAsync(Settings.ClientId, _token.AccessToken);
        // automatically exchange code from authorization flow to a token and show the token data in the browser.
        private static async void HttpServer_OnResponse(object sender, NameValueCollection queryString)
            if (queryString.Get("code") != null)
                _token = await _auth.GenerateAuthorizationCodeFlowTokenAsync(Settings.ClientId, Settings.ClientSecret, Settings.RedirectUrl, queryString.Get("code"), OAuth.GenerateState());

                HTTPServer.WriteResponse($"{JsonConvert.SerializeObject(_token, Formatting.Indented)}");

                // saves the token to a config file. -> Config/Settings.json
                if (_token.AccessToken != null)


Implicit flow

Authorization flow

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments

Related Articles

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More