Register your application in the Twitch Developer Console to obtain a client_id and client_secret.
Send a POST request to the Twitch OAuth token endpoint with client_id, client_secret, and grant_type=client_credentials as form-encoded body parameters.
Parse the access_token and expires_in values from the JSON response.
Store the token securely and include it as a Bearer token in the Authorization header of subsequent Helix API calls, alongside the Client-Id header.
Implement proactive token refresh: when the token is near expiry (or on receipt of a 401), request a new token rather than waiting for failures.
Known gotchas
App access tokens are not tied to a user and cannot be used for endpoints requiring user authorization scopes.
Do not embed client_secret in client-side or public code; this flow is intended for server-to-server use only.
Twitch may revoke tokens at any time; always handle 401 responses by re-fetching a token rather than treating the token as permanently valid.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp