← Back to examples
OAuth

Authorization Code Flow

Guide users through the standard Twitch OAuth 2.0 authorization code flow. This example prints a consent URL, exchanges the returned code for tokens, and shows how to refresh user access tokens when they expire.

Get started

  1. Install dependencies in the repository: npm install.
  2. Create a Twitch application (or reuse an existing one) and copy its Client ID and Client Secret.
  3. Expose the credentials to the environment, for example by adding them to a .env file or exporting them in your shell.
  4. Make sure the redirect URI in the example (http://localhost:3000/auth/callback) is registered in the Twitch Developer Console, or update the value in the script to match your app configuration.
  5. Run the guide with npx tsx examples/AUTHORIZATION_CODE_FLOW.ts and follow the console instructions to authorize your account and exchange the returned code.

What you can do

  • Generate user-friendly consent URLs that pre-populate scopes for your integration.
  • Exchange authorization codes for access and refresh tokens with detailed success logging.
  • Refresh user access tokens as they expire to keep Helix and chat operations running.
  • Embed the provided callback handler snippet into an Express or Fastify application.

Next steps

  • Persist the returned refresh token securely in your database or secret store.
  • Reuse the TwitchAuth instance with the Helix or chat clients to make authenticated calls.
  • Add additional scopes such as channel:manage:broadcast before generating the authorization URL.