OAuth authorization code flow - "Missing column authorization_id"

[r2social]

Brief description
I registered an application for OAuth on https://dev.twitch.tv/console/apps. I am using the authorization code grant flow. When I query the token endpoint as suggested by https://dev.twitch.tv/docs/authentication/getting-tokens-oauth, I get the following response back:

{
    "status": 500,
    "message": "Missing column authorization_id from item map[]"
}

How to reproduce

1. Register an application for oauth
2. Set application name to "SampleApp-token.somedomain.com"
3. Set redirect uri to "https://beta.token.somedomain.com//connections/twitch/callback" (clientId is actual clientId value).
4. Create secret
5. Query for access tokens

curl --location --request POST 'https://id.twitch.tv/oauth2/token?client_id=<clientId>&client_secret=<secret>&code=<auth_code_grant>&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fbeta.token.somedomain.com%2F<clientId>%2Fconnections%2Ftwitch%2Fcallback' \
--header 'Accept: application/json'

Expected behavior

1. Return valid token response. Something like what was shown on the guide:

{
  "access_token": "0123456789abcdefghijABCDEFGHIJ",
  "refresh_token": "eyJfaWQmNzMtNGCJ9%6VFV5LNrZFUj8oU231/3Aj",
  "expires_in": 3600,
  "scope": ["viewing_activity_read"],
  "token_type": "bearer"
}

Screenshots

Additional context or questions

• I am an Amazon employee, but I am using my personal account to test.

[jbulava]

This issue is ticketed for investigation internally as IDPLAT-4084.

[ThisWillGoWell]

@r2social In your reproduction steps, are you also creating an authorization at some point? Where are you getting the auth_code_grant code in your request POST 'https://id.twitch.tv/oauth2/token

[lleadbet]

@r2social - what is your username? You can also message me on Discord as ConcreteEntree in the TwitchDev Discord if you'd prefer something private.

[lleadbet]

@r2social - wanting to ping back on this, as the team is having problems replicating this issue.

[lleadbet]

Closing as we've not heard back. Feel free to reopen if you're still seeing this.

[AcesFullOfKings]

Closing as we've not heard back. Feel free to reopen if you're still seeing this.

I've just had this exact issue and am unable to get a refresh token because of it. Googling the error code led me to here, then this issue.

I set up an app, then navigate to https://id.twitch.tv/oauth2/authorize?client_id=redacted&redirect_uri=redacted&response_type=code&scope=analytics:read:games+bits:read+channel:edit:commercial+channel:manage:broadcast+channel:read:redemptions+channel:read:subscriptions+user:edit:follows+channel:manage:predictions in a browser. The resulting code is generated correctly and received by my app, which then sends the request for a oauth token and refresh token, and receives the 500 response above. I was also able to replicate it in Postman:

@lleadbet - ping me if you need any more info. I could provide the client ID privately if that would allow you to investigate the requests at your end?

I have run this exact process previously and it worked fine. I ran it again because I allowed my original token to expire (my fault!) so I tried to request a new one using the same process as before, but this time it failed with 500.