Skip to main content
This guide explains how to register a Twitch application and configure ngrok to use Twitch OAuth for user authentication. The steps follow Twitch’s OAuth 2.0 documentation.

What you’ll need

  • A Twitch account (two-factor authentication enabled for your developer account is recommended).
  • Your ngrok authtoken and an endpoint with the OAuth action in its Traffic Policy.

Create credentials for ngrok

  1. Go to the Twitch developer console, sign in, click Applications in the left menu, and then click Register Your Application.
  2. On the Register Your Application page, enter a Name, set OAuth Redirect URLs to https://idp.ngrok.com/oauth2/callback, select Website Integration in the Category selector, and then click Create.
Security: Enable two-factor authentication for your Twitch account before registering an app.
  1. On the Developer Applications page, click Manage for your application.
  2. On the application page, click New Secret and note the Client ID and Client Secret values.

Update your ngrok endpoint Traffic Policy

  1. Access the ngrok Dashboard Endpoints page and locate an existing endpoint you’d like to add this to or create a new one.
  2. In your traffic policy, add the following configuration:
You may add any scopes that are required by your application with the following caveats.
on_http_request:
  - actions:
      - type: oauth
        config:
          provider: twitch
          client_id: '{your app''s oauth client id}'
          client_secret: '{your app''s oauth client secret}'
          scopes:
            - user:read:email
            - openid
Click Save to validate and update your traffic policy.

Configure access control

Optionally, configure access control to your service by only allowing specific users or domains. 
on_http_request:
  - expressions:
      - '!(actions.ngrok.oauth.identity.email in [''me@example.com''])'
    actions:
      - type: deny

Further resources