Aura Auth
OAuth Providers

Twitch Authorization Provider

Add Twitch authorization provider to Aura Auth to authenticate and authorize

Twitch

Set up Twitch authorization provider to the authentication instance to Aura Auth.

What you'll learn

Through this quick start guide you are going to learn and understand the basics and how to set up Twitch provider to Aura Auth.

Twitch OAuth App

Creating an OAuth app

The first step is to log in to the Developer Console and enable Two-Factor Authentication (2FA) in the Security and Privacy panel. Your session will be refreshed, so you'll need to log in again.

Once your account settings are complete, the next step is to create and register a Twitch Developer Application to access user resources such as Get Users (used by Aura Auth), Repositories, Organizations, etc.

For more detailed information, see Register Your App, Twitch Access Token Scopes, and Get Users.

Registering a Twitch OAuth app includes:

  • Name: The application name shown when users grant access to the app.
  • OAuth Redirect URLs: The URL where Twitch will redirect after authentication. It should end in /auth/callback/twitch for local and production environments.
    • Local environment: http://localhost:3000/auth/callback/twitch
    • Production environment: Set the URL of your application.
  • Category: The application type (Game Integration, Application Integration, Browser Extension, Broadcaster Suite, Chat Bot, Giveaway/Loyalty Tool, Analytics Tool, or Other).
  • Client Type: Defines the confidentiality of key storage (public or confidential). For more details on Client Types, read RFC 6749.

Twitch Aura Auth

Installation

Install the package using a package manager like npm, pnpm or yarn

npm install @aura-stack/auth

Environment setup

Now, it's time to create and consume the Twitch credentials required and used by Aura Auth, it include the client Id and client Secret and write them into a .env file.

Additionally set the secret used by Aura Auth to sign and encrypt the user's session.

.env
# Twitch Credentials
AURA_AUTH_TWITCH_CLIENT_ID="twitch_client_id"
AURA_AUTH_TWITCH_CLIENT_SECRET="twitch_client_secret"

# Aura Secret
AURA_AUTH_SECRET="32-bytes-secret"

# Aura Salt
AURA_AUTH_SALT="32-bytes-salt"

The AURA_AUTH_SECRET is recommended to be a random, high-entropy key to prevent attackers from deciphering the secret used by the Aura Auth application.

Configure the provider

Set the oauth option of the createAuth instance and writing "twitch" name.

@/auth
import { createAuth } from "@aura-stack/auth"

export const auth = createAuth({
  oauth: ["twitch"],
})

export const { handlers } = auth

Custom configuration

@/auth
import { createAuth } from "@aura-stack/auth"
import { twitch } from "@aura-stack/auth/oauth/twitch"

export const auth = createAuth({
  oauth: [
    twitch({
      scope: "user:read:email",
    }),
  ],
})

export const { handlers } = auth

Get HTTP Handlers

Use the HTTP handlers to consume the authentication logic and flow the Aura Auth library to be integrated into routers and frameworks.

backend.ts
import { handlers } from "@/auth"

export const { GET, POST } = handlers

The returned handlers include pre-built routes used in OAuth flows (/signIn/:oauth, /callback/:oauth, /session, /signOut and /csrfToken). You can mount them in Express, Hono, Next.js, or any runtime that supports native Request and Response APIs.

Resources

Strava Authorization Provider

Add Strava authorization provider to Aura Auth to authentication and authorize

X (Twitter) Authorization Provider

Configure the X OAuth 2.0 provider in Aura Auth for authentication and authorization.

On this page

TwitchWhat you'll learnTwitch OAuth AppCreating an OAuth appTwitch Aura AuthInstallationEnvironment setupConfigure the providerCustom configurationGet HTTP HandlersResources