Kick API

Expert guidance for building integrations with the Kick streaming platform public API.

Quick Start

Base URL: https://api.kick.com/public/v1/

All requests require: Authorization: Bearer <access_token>

All responses use JSON envelope:

{ "data": { ... }, "message": "OK" }

Errors:

{ "error": "error_code", "error_description": "...", "message": "..." }

Authentication Overview

Use OAuth 2.1 with PKCE. Two token types:

• App Access Token — Client Credentials flow, server-to-server, public data only
• User Access Token — Authorization Code Grant + PKCE, user-specific data and actions

Tokens expire in 7200 seconds (2 hours). Implement refresh token logic and handle 429 rate limits with exponential backoff.

Get client credentials at: https://kick.com/settings/developer or https://dev.kick.com

Critical Gotchas

• Stream key visibility: The key field in channel responses only appears when the authenticated user owns the channel AND has streamkey:read scope
• Refresh tokens are reusable (since Nov 2025), but refreshing generates a new refresh token — always store the new one
• Webhook signatures use Ed25519, not HMAC — verify using the public key from GET /public-key
• Events are at-least-once delivery — deduplicate using Kick-Event-Message-Id header
• broadcaster_user_id vs chatroom ID: broadcaster_user_id is for API calls; chatroom IDs are internal/Pusher only
• DELETE /moderation/ban uses JSON body, not query params
• Chat type field: Must be "user" or "bot" — bot messages display with a badge
• Multiple broadcaster_user_id params supported on /livestreams endpoint (since Jul 2025)
• Email field in /users response only visible to the authenticated user themselves

OAuth Scopes

Specify as space-separated string in OAuth request: scope=user:read channel:read chat:write

Scope	Grants
user:read	Read user profile
channel:read	Read channel info
channel:write	Update stream metadata
chat:write	Send chat messages
chat:delete	Delete chat messages
streamkey:read	Read stream key
events:subscribe	Manage webhook subscriptions
moderation:manage	Ban/unban users

Webhook Setup

1. Configure publicly accessible HTTPS URL in dev settings
2. Obtain token with events:subscribe scope
3. Subscribe to events via POST /events/subscriptions
4. Respond 200 OK immediately to acknowledge receipt
5. Verify Ed25519 signatures using public key from GET /public-key
6. Track Kick-Event-Message-Id to deduplicate (at-least-once delivery)

Kick retries webhooks 3 times and auto-unsubscribes on persistent failure.

Cache the public key at startup and re-fetch only if verification fails (handles key rotation).

WebSocket Chat (Unofficial)

Kick uses Pusher protocol for real-time WebSocket chat. This is not part of the official public API — use webhook events (chat.message.sent) for production integrations.

To access WebSocket chat:

1. Fetch chatroom ID via https://kick.com/api/v2/channels/{slug} (look for "chatroom":{"id":...})
2. Connect to Pusher WebSocket using chatroom ID
3. Subscribe to chatroom channel for real-time events

Note: The /api/v2/ endpoint is behind Cloudflare protection — requires browser or proper Cloudflare handling. Chatroom ID differs from broadcaster_user_id.

For stable integration, prefer official webhook events and REST endpoints.

References

Consult these detailed references as needed:

• references/detailed-guide.md — Complete endpoint specifications, OAuth flows, request/response schemas, webhook event payloads, and code examples. Read when implementing OAuth, making API calls, processing webhook events, or debugging signature verification.