I got some user reports this morning that signing into our application with Twitch results in the user being greeted with a page that says ‘gone’ and nothing else.
In researching the topic it would appear that the login API used by social sign on is using a deprecated Twitch api version known as Kraken which was retired earlier this year. It’s strange because the deprication happened in February but our sign in has worked for a bit after that.
In an attempt to resolve the issue I have re-registered our app via the Twitch Dashboard and rotated the client ID and secret. The issue seems to persist when I try the “test connection” feature.
For context about our stack we are using the Auth0 PHP API and it appears other social sign-ons are working (Google and Facebook) so no issues with the login feature as a whole.
Our platform is in the eSports/streaming space so Twitch sign-in accounts for a pretty big chunk of our user base. So I’m hoping to get a quick solution if possible! Any chance there’s guidance on if this is just a small sneeze/outage from Twitch’s end? Do I need to migrate our social sign ons/tenant settings to allow for the newer version of the Twitch API?
A quick update: I was able to make a new test tenant and do the Twitch integration there and it seems to have worked. As an additional test I rotated the keys once more on our Twitch application and tried putting them in the old tenant/Twitch integration but it did not work. I’m hesitant to delete and re-add twitch as it mentions my Twitch users being deleted from my tenant. But at this point I seem fairly certain this is a tenant issue.
Another quick update - I discovered the Universal Login Page and enabled that. It’s quite sleek! And adds a lot of fun branding and production value to our sign in flow/makes it more cohesive; but alas that did not solve the issue either.
Update 3: So after reviewing Twitch Social Integration doesn't work for new Applications - #12 by konrad.sopala it seems like the newest SSO twitch widget has the issue fixed but requires the users who have the old one to delete their SSO connection and re-add it. I’m hesitant to do this because when I go to delete the connection it says " * This will permanently delete the twitch Social Connection and all of its users." – Twitch users account for a good 30+% of our userbase and I’m worried that this means the accounts will be deleted from the tenant and we’ll be up pooper creek without a paddle.
I’m doing a quick backup of my users via the user import/export extension just in case but can I get confirmation from Auth0 staff as to what the “delete all of it’s users” entails and how I can keep all my users in one place/mitigate the deletion so all my previous users can still sign in with the new API/SSO implementation?
This happened to my app as well. Since it’s still in development, deleting the social connection and re-authorizing users worked. Just asking for a new Twitch secret didn’t.