If you want to act as another user in chat, access a user's private resources as part of your app, or just want to use Mixer credentials to authenticate your users, it's best to use OAuth so the users' credentials don't need to be stored on your servers.

OAuth is a system that replaces traditional user/password combos with app-specific tokens. Your app can request a set of tokens for a certain user with a specific set of permissions. This way your app only gets access to what it needs and all other details will stay hidden. It's a win-win scenario for both your app's functionality, and our users' privacy.

To start using OAuth create an application as described below.

Registering Your Application

To create an application, head over to your OAuth Clients page. Once there, click the blue "Create New Client" button and it'll open the creation form.

On this page you'll need to enter some basic details about your application, like its name, website and logo. All of these details will be displayed publicly to users of your app.


The hosts parameter is an important one; it tells us what domains your application can redirect to. This should be set to domains you control. You can use wildcards. For example, *, will allow redirects to all subdomains on, but not itself. You can enter multiple hosts by separating them with commas.

Using OAuth

The OAuth 2.0 protocol is simple enough, but that doesn't mean you should implement it from scratch. Most popular languages will have a library to easily interface with an OAuth server. A partial list of suggested clients can be found on this website. If you're interested in reading an in depth explanation of how OAuth works head here.

We strongly advise you to use an existing OAuth client library whenever possible, rather than writing your own implementation. OAuth is hard to securely implement, and the time you spend trying to do so would be better spent building something awesome.

"To be clear, OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result is a secure implementation. However, at the hands of most developers – as has been the experience from the past two years – 2.0 is likely to produce insecure implementations."

Eran Hammer

To use our OAuth implementation you'll just need the URLs which can be found at the top of this page and your token from the OAuth Clients page.

Authenticating with a short code

For convenience, we also provide an alternative authentication method where the user is prompted to enter a temporary code to approve your application. This method makes sense for situations where it is more difficult to embed a browser or require keyboard input from the user.

  1. Your application sends a POST request to the /oauth/shortcode endpoint to receive a short-lived, six-digit code and a longer handle.
  2. Your application asks the user to go to and enter the code.
  3. Your application polls /oauth/shortcode/check/{handle} with the value of handle to check if the code has been used.
  4. If the user entered the code and accepted your application, you will receive an OAuth authorization code, code, which you will then pass to the /oauth/token endpoint through the standard authorization_code process.

Reauthorizing an application

If a user is sent to the Authorize endpoint and they have already granted the permissions to the application before, Mixer will automatically skip the approval page for convenience, so the user does not have to approve again. In some cases this might be undesirable, and you can force the user to reapprove the application every time by passing approval_prompt=force in the Authorize endpoint's URL.

OAuth Scopes

To request access to a users' account you need to use scopes. Scopes limit the amount of access a certain application has to the account. The full list of scopes which can be requested are listed below, and are also listed on the endpoints themselves over on the REST API reference.

Scope Description
achievement:view:self View your earned achievements.
channel:analytics:self View your channel analytics.
channel:clip:create:self Create new clips from videos on your channel.
channel:clip:delete:self Allows deleting existing clips on your channel.
channel:costream:self Manage your costreaming requests.
channel:deleteBanner:self Delete your channel banner
channel:details:self View your channel details.
channel:follow:self Follow and unfollow other channels.
channel:partnership Create and view partnership applications.
channel:partnership:self Manage your partnership status.
channel:streamKey:self View your channel's stream key.
channel:teststream:view:self Watch your test streams.
channel:update:self Update your channel settings
chat:bypass_catbot Bypasses the catbot chat filter.
chat:bypass_filter Bypass the chat content filter.
chat:bypass_links Bypass links being disallowed in chat.
chat:bypass_slowchat Bypass slowchat settings on channels.
chat:change_ban Manage bans in chats.
chat:change_role Manage roles in chats.
chat:chat Interact with chats on your behalf.
chat:clear_messages Clear messages in chats where authorized.
chat:connect Connect to chat.
chat:edit_options Edit chat options, including links settings and slowchat.
chat:giveaway_start Start a giveaway in chats where authorized.
chat:poll_start Start a poll in chats where authorized.
chat:poll_vote Vote in chat polls.
chat:purge Clear all messages from a specific user in chat.
chat:remove_message Remove own and other's messages in chat.
chat:timeout Change timeout settings in chats.
chat:view_deleted View deleted messages in chat.
chat:whisper Gives the ability to whisper in a channel
delve:view:self View your Mixer homepage experience and recommendations.
interactive:manage:self Create, update and delete the interactive games in your account.
interactive:robot:self Run as an interactive game in your channel.
invoice:view:self View the users invoices.
log:view:self View and manage your security log.
oauth:manage:self View and manage your OAuth clients.
recording:manage:self Manage the users VODs.
redeemable:create:self Create redeemables after performing a purchase.
redeemable:redeem:self Use users redeemable.
redeemable:view:self View users redeemables.
resource:find:self View emoticons and other graphical resources you have access to.
subscription:cancel:self Cancel your subscriptions.
subscription:create:self Create new subscriptions.
subscription:renew:self Renew your existing subscriptions.
subscription:view:self View who you're subscribed to.
team:administer Administrate teams the user has rights in.
team:manage:self Create, join, leave teams and set the users primary team.
transaction:cancel:self Cancel pending transactions.
transaction:view:self View your pending transactions.
user:analytics:self View your user analytics
user:details:self View your email address and other private details.
user:getDiscordInvite:self View users discord invites.
user:log:self View your user security log.
user:notification:self View and manage your notifications.
user:seen:self Mark a VOD as seen for the user.
user:update:self Update your account, including your email but not your password.
user:updatePassword:self Update your password.

Need more help?

If you're still not sure, or would like some help, hit us up on Gitter!