Translate Ideas and Comments
Choose language:
There was an error during translation

Developers

Categories

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Imagine the following attack for the OAuth 2.0 authorization flow:


    1. Attacker steals the authorization code from the redirect URI.

    2. Attacker forces his instance of the client to redeem the victim's authorization code.

    3. If the attacker's instance of the client is faster than the victim's instance of the client in redeeming the authorization code, the attacker will get a valid login session within his instance of the client, but for the victim's account.

    This attack should especially get attention in the context of Twitch and live streaming, since many streamers are definitely not aware of this vulnerability: If people are logging…

    13 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  2. In a similar fashion as

    https://twitch.uservoice.com/forums/310213-developers/suggestions/39228784-extend-clips-api-to-provide-the-mp4-url-so-editors

    The Videos API should be extended to provide the (original) VOD to authenticated users where that user is an Editor or better of the channel.

    As in unmuted.

    For the purpose of backing up/taking a copy of the Twitch stream and/or taking that content (that the streamer owns) for use on other platforms.

    Editors can already do this via the Video Dashboard, so the API should support this also

    12 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  3. Please provide a way for third party developers to obtain currently available songs and meta data related to those songs.

    Both in a "get all songs" method and "search for songs"

    Search should be


    • free text (like game/category search)

    • song ID (to get specific song data)

    • artist ID (to get songs by an artist)

    • album ID (to get songs on an album)

    • by category/genre (to get say only Dance music or chill out music)

    12 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  4. If an extension is updated, there generally isn't a good way to tell streamers about it.

    It would be useful if an extension can push a notification to the bell/notification list, like how drops work/notify.

    And/or find a way to present an update notification to the main Twitch dashboard.

    12 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Extensions  ·  Flag idea as inappropriate…  ·  Admin →
  5. When a caster leaves a review.

    Currently we can only get these reviews manually via the console.

    Please provide, one or more of:


    • An API, to collect the spreadsheets like existing ext analytics

    • An API, to collect the reviews,

    • A webhook to collect reviews into our own system(s) in real time

    12 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Extensions  ·  Flag idea as inappropriate…  ·  Admin →
  6. 12 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  7. Including but not limited to.


    • Add new panel

    • Remove Panel

    • Update panel

    • Change order of panels

    11 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  8. 11 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  9. The Get Bits leaderboard API has no ability to get page 2,3,4 etc

    Please add pagination

    https://dev.twitch.tv/docs/api/reference/#get-bits-leaderboard

    11 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  10. I was thinking, not all extensions need to be tried to a specific channel experience, and don't always interact with the broadcaster at all. Extensions like the chat translator, or maybe a TTS chat for viewers who can't read well, or visually impared, it would be great to have for users on every channel, not just channels where the broadcaster decides they want to use it. My idea is to have extensions that the view can enable on every channels, and possibly have the panel for viewer extensions be where the chat is, and possibly take up the bottom half…

    11 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Extensions  ·  Flag idea as inappropriate…  ·  Admin →
  11. Please provide or update the videos API to allow API users to unpublish a VOD

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add a flag, which is true, when a subscription is made through Prime Gaming. Distinguishing between a regular sub and a Prime sub allows us to react differently on these cases, like also being able to promote the free Prime Gaming sub.

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  EventSub  ·  Flag idea as inappropriate…  ·  Admin →
  13. To give more freedom in using Bits, having a Bits escrow system would be great.
    RFC0011 ( https://discuss.dev.twitch.tv/t/rfc-0011-extension-entitlement-service/19142 ) introduced that idea but was never implemented.

    What would be the possible flows:
    - A viewer sends Bits, that are put "on hold"
    - The streamer cancels the action asked by the viewers (because the stream is ending for example)
    - After some delay, the Bits are refunded to the viewer because the transaction was not validated.

    -- Viewers send Bits, that are put "on hold"
    - The streamer cancels the action asked by the viewers (because the stream is ending…

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Extensions  ·  Flag idea as inappropriate…  ·  Admin →
  14. https://dev.twitch.tv/docs/extensions/reference/#send-extension-pubsub-message

    The docs say Valid values: "broadcast", "global".

    But, the target 'whisper-opaqueId' to send "per user" pusub message is missing.

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  15. I am currently developing a native Android application for Twitch and want to make use of the OAuth2.0 API. Since the Twitch Authorization Server doesn't seem to support the PKCE (Proof Key for Code Exchange), i will have to put my client secret into my native application, which isn't secure at all, because the app can easily be decompiled.

    This is a requirement for all native apps, as stated by the IETF in RFC 7636 (https://tools.ietf.org/html/rfc7636).

    I hope to see this implemented soon, because this poses a huge security risk for all native apps and their developers.

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add subscriptionStatus to extension JWT. Currently subscriptionStatus is in Twitch.ext.viewer. With it in the JWT, it can be verified by an extension backend.

    10 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Extensions  ·  Flag idea as inappropriate…  ·  Admin →
  17. Extend

    {
    "error": "Conflict",
    "status": 409,
    "message": "subscription already exists"
    }

    to

    {
    "error": "Conflict",
    "status": 409,
    "message": "subscription already exists",
    "id": "id of the eventsub subscription that conflicts"
    }

    9 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  EventSub  ·  Flag idea as inappropriate…  ·  Admin →
  18. We should be able to CRUD the Role Manager that is in the Streamers Dashboard. This would resolve multiple UserVoice requests including CRUD for VIP, Mod & the Editor migration from v5.

    9 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  19. What's been made available for the events from PubSub is nice, but currently there is no way to know of when a unfulfilled reward has been marked as complete by a Streamer/Mod. Since the event is already well structured, all that would need to be done is simply re-send the same event with the status property updated to reflect that it was fulfilled (either just using the existing "FULFILLED" value or possibly a new value like "MANUALLY FULFILLED").

    9 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  20. It is impossible to get all clips for a channel.

    Please provide a way to get all clips for a channel

    9 votes
    Sign in Sign in with: OpenID Connect
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  API  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?