Skills
skills/goncy/skills/kick-api

kick-api

SKILL.md

Kick API

Expert guidance for building integrations with the Kick streaming platform public API.

Quick Start

Base URL: https://api.kick.com/public/v1/

All requests require: Authorization: Bearer <access_token>

All responses use JSON envelope:

{ "data": { ... }, "message": "OK" }

Errors:

{ "error": "error_code", "error_description": "...", "message": "..." }

Authentication Overview

Use OAuth 2.1 with PKCE. Two token types:

  • App Access Token — Client Credentials flow, server-to-server, public data only
  • User Access Token — Authorization Code Grant + PKCE, user-specific data and actions

Tokens expire in 7200 seconds (2 hours). Implement refresh token logic and handle 429 rate limits with exponential backoff.

Get client credentials at: https://kick.com/settings/developer or https://dev.kick.com

Critical Gotchas

  • Stream key visibility: The key field in channel responses only appears when the authenticated user owns the channel AND has streamkey:read scope
  • Refresh tokens are reusable (since Nov 2025), but refreshing generates a new refresh token — always store the new one
  • Webhook signatures use Ed25519, not HMAC — verify using the public key from GET /public-key
  • Events are at-least-once delivery — deduplicate using Kick-Event-Message-Id header
  • broadcaster_user_id vs chatroom ID: broadcaster_user_id is for API calls; chatroom IDs are internal/Pusher only
  • DELETE /moderation/ban uses JSON body, not query params
  • Chat type field: Must be "user" or "bot" — bot messages display with a badge
  • Multiple broadcaster_user_id params supported on /livestreams endpoint (since Jul 2025)
  • Email field in /users response only visible to the authenticated user themselves

OAuth Scopes

Specify as space-separated string in OAuth request: scope=user:read channel:read chat:write

Scope Grants
user:read Read user profile
channel:read Read channel info
channel:write Update stream metadata
chat:write Send chat messages
chat:delete Delete chat messages
streamkey:read Read stream key
events:subscribe Manage webhook subscriptions
moderation:manage Ban/unban users

Webhook Setup

  1. Configure publicly accessible HTTPS URL in dev settings
  2. Obtain token with events:subscribe scope
  3. Subscribe to events via POST /events/subscriptions
  4. Respond 200 OK immediately to acknowledge receipt
  5. Verify Ed25519 signatures using public key from GET /public-key
  6. Track Kick-Event-Message-Id to deduplicate (at-least-once delivery)

Kick retries webhooks 3 times and auto-unsubscribes on persistent failure.

Cache the public key at startup and re-fetch only if verification fails (handles key rotation).

WebSocket Chat (Unofficial)

Kick uses Pusher protocol for real-time WebSocket chat. This is not part of the official public API — use webhook events (chat.message.sent) for production integrations.

To access WebSocket chat:

  1. Fetch chatroom ID via https://kick.com/api/v2/channels/{slug} (look for "chatroom":{"id":...})
  2. Connect to Pusher WebSocket using chatroom ID
  3. Subscribe to chatroom channel for real-time events

Note: The /api/v2/ endpoint is behind Cloudflare protection — requires browser or proper Cloudflare handling. Chatroom ID differs from broadcaster_user_id.

For stable integration, prefer official webhook events and REST endpoints.

References

Consult these detailed references as needed:

  • references/detailed-guide.md — Complete endpoint specifications, OAuth flows, request/response schemas, webhook event payloads, and code examples. Read when implementing OAuth, making API calls, processing webhook events, or debugging signature verification.
Weekly Installs
1
Repository
goncy/skills
GitHub Stars
14
First Seen
6 days ago
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn
Installed on
amp1
cline1
opencode1
cursor1
kimi-cli1
codex1