PHP WordPress integration with Twitch clips API returns scope error

liamj · July 15, 2025, 3:45am

I’m trying to fetch Twitch clips in my WordPress site but I’m encountering a 400 error indicating an invalid scope. Here’s the code I’m using:

function fetch_twitch_clips($attributes) {
    $appID = 'your_app_id';
    $appSecret = 'your_app_secret';
    
    $authEndpoint = 'https://id.twitch.tv/oauth2/token';
    
    $authParams = [
        'client_id' => $appID,
        'client_secret' => $appSecret,
        'grant_type' => 'client_credentials',
        'scope' => 'clips:read',
    ];
    
    $curl = curl_init($authEndpoint);
    curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($authParams));
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    
    $authResponse = curl_exec($curl);
    $statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    
    if ($statusCode !== 200) {
        return "Authentication failed. Status: $statusCode. Error: $authResponse";
    }
    
    curl_close($curl);
    $authData = json_decode($authResponse, true);
    
    if (isset($authData['access_token'])) {
        $token = $authData['access_token'];
        $channelId = 'broadcaster_id_here';
        $clipsEndpoint = "https://api.twitch.tv/helix/clips?broadcaster_id=$channelId";
        
        $requestHeaders = [
            'Authorization: Bearer ' . $token,
            'Client-Id: ' . $appID,
        ];
        
        $apiCurl = curl_init($clipsEndpoint);
        curl_setopt($apiCurl, CURLOPT_HTTPHEADER, $requestHeaders);
        curl_setopt($apiCurl, CURLOPT_RETURNTRANSFER, true);
        
        $clipResponse = curl_exec($apiCurl);
        $responseCode = curl_getinfo($apiCurl, CURLINFO_HTTP_CODE);
        
        curl_close($apiCurl);
        
        if ($responseCode === 200) {
            $clipsData = json_decode($clipResponse, true);
            return print_r($clipsData, true);
        }
    }
    
    return 'Token generation failed';
}

add_shortcode('twitch_clips', 'fetch_twitch_clips');

The error message says: {"status":400,"message":"invalid scope requested: 'clips:read'"}. I’m uncertain about what’s wrong with the scope parameter. Has Twitch modified their API scopes lately? Any guidance would be greatly appreciated.

ZoeStar42 · July 23, 2025, 11:49pm

Had this exact issue when integrating Twitch clips into a client’s WordPress site. The clips:read scope doesn’t exist in Twitch’s API docs. For public clips, the clips endpoint doesn’t need any special scopes. Just remove the scope parameter completely from your auth request and use standard client credentials flow without declaring any scope. Your code’s also missing error handling for JSON decode operations - that’ll cause silent failures. Always validate the JSON response before accessing the access_token key. One more thing - cache that access token since it’s good for about an hour. Otherwise you’re hitting auth on every page load for no reason.

TomDream42 · July 23, 2025, 4:18pm

twitch changed their api docs a while back - clips:read was never a real scope. just delete that scope line completely from your auth params. clips are public anyway, so you don’t need special permissions. your token request will work fine with just client credentials and no scope.

livbrown · July 19, 2025, 9:46pm

You’re hitting this error because ‘clips:read’ isn’t a real scope in the Twitch API. I ran into the same thing last year building something similar. For clips, you don’t need any scopes at all - they’re public data. Just remove the ‘scope’ parameter from your authParams completely. The Helix API docs are confusing about this, but clips endpoints work fine with app access tokens and no scopes. Also throw in some error logging to catch the full response when auth fails - it’ll save you headaches later. Drop that scope parameter and your token generation should work.

liamj · July 24, 2025, 5:55am

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.