topic Spotify OAuth Scope Parameter Not Included In Authorisation URL in Spotify for Developers https://community.spotify.com/t5/Spotify-for-Developers/Spotify-OAuth-Scope-Parameter-Not-Included-In-Authorisation-URL/m-p/6985102#M17991 <P>Hi everyone,</P><P>I’m working on integrating Spotify OAuth login into my React app. I want to request multiple scopes including <STRONG>user-read-email</STRONG>, <STRONG>user-read-private</STRONG>, and <STRONG>user-follow-read</STRONG>. However, when I build the authorization URL and redirect the user to Spotify’s login page, the URL only contains the first two scopes (<STRONG>user-read-email</STRONG> and <STRONG>user-read-private</STRONG>). The additional scopes I add (like <STRONG>user-follow-read</STRONG>) never appear in the URL query parameters.</P><P>I have tried:</P><UL><LI><P>Hardcoding the scopes string</P></LI><LI><P>Changing the order of scopes</P></LI><LI><P>Logging the constructed URL before redirecting, which still shows missing scopes</P></LI><LI><P>Using URL and URLSearchParams objects to build the URL as well as manually constructing the URL string</P></LI><LI><P>Testing in different browsers and incognito mode</P></LI><LI><P>Verifying the scopes are enabled in my Spotify Developer Dashboard app</P></LI><LI><P>Confirming my redirect URI exactly matches the registered URI in Spotify Dashboard</P></LI></UL><P>Here is a simplified example of the code I’m using to build the URL:</P><P>&nbsp;</P><LI-CODE lang="javascript">const CLIENT_ID = '...'; const REDIRECT_URI = 'http://127.0.0.1:8000/callback'; const SCOPE = 'user-read-email user-read-private user-follow-read'; const AUTH_ENDPOINT = 'https://accounts.spotify.com/authorize'; const authUrl = new URL(AUTH_ENDPOINT); authUrl.searchParams.set('response_type', 'code'); authUrl.searchParams.set('client_id', CLIENT_ID); authUrl.searchParams.set('scope', SCOPE); authUrl.searchParams.set('redirect_uri', REDIRECT_URI); authUrl.searchParams.set('state', crypto.randomUUID()); console.log(authUrl.toString()); // Scopes missing here too window.location.href = authUrl.toString(); </LI-CODE><P>Despite this, the scope parameter in the URL only includes the first two scopes, and the third scope (and any others I add) are missing.</P><P>Has anyone else encountered this? What could cause scopes to be omitted from the authorization URL when building it in React? Any tips or ideas to debug this would be appreciated!</P><P>Thanks in advance.</P><P>&nbsp;</P> Tue, 27 May 2025 15:19:07 GMT Tommyboy0797 2025-05-27T15:19:07Z Spotify OAuth Scope Parameter Not Included In Authorisation URL https://community.spotify.com/t5/Spotify-for-Developers/Spotify-OAuth-Scope-Parameter-Not-Included-In-Authorisation-URL/m-p/6985102#M17991 <P>Hi everyone,</P><P>I’m working on integrating Spotify OAuth login into my React app. I want to request multiple scopes including <STRONG>user-read-email</STRONG>, <STRONG>user-read-private</STRONG>, and <STRONG>user-follow-read</STRONG>. However, when I build the authorization URL and redirect the user to Spotify’s login page, the URL only contains the first two scopes (<STRONG>user-read-email</STRONG> and <STRONG>user-read-private</STRONG>). The additional scopes I add (like <STRONG>user-follow-read</STRONG>) never appear in the URL query parameters.</P><P>I have tried:</P><UL><LI><P>Hardcoding the scopes string</P></LI><LI><P>Changing the order of scopes</P></LI><LI><P>Logging the constructed URL before redirecting, which still shows missing scopes</P></LI><LI><P>Using URL and URLSearchParams objects to build the URL as well as manually constructing the URL string</P></LI><LI><P>Testing in different browsers and incognito mode</P></LI><LI><P>Verifying the scopes are enabled in my Spotify Developer Dashboard app</P></LI><LI><P>Confirming my redirect URI exactly matches the registered URI in Spotify Dashboard</P></LI></UL><P>Here is a simplified example of the code I’m using to build the URL:</P><P>&nbsp;</P><LI-CODE lang="javascript">const CLIENT_ID = '...'; const REDIRECT_URI = 'http://127.0.0.1:8000/callback'; const SCOPE = 'user-read-email user-read-private user-follow-read'; const AUTH_ENDPOINT = 'https://accounts.spotify.com/authorize'; const authUrl = new URL(AUTH_ENDPOINT); authUrl.searchParams.set('response_type', 'code'); authUrl.searchParams.set('client_id', CLIENT_ID); authUrl.searchParams.set('scope', SCOPE); authUrl.searchParams.set('redirect_uri', REDIRECT_URI); authUrl.searchParams.set('state', crypto.randomUUID()); console.log(authUrl.toString()); // Scopes missing here too window.location.href = authUrl.toString(); </LI-CODE><P>Despite this, the scope parameter in the URL only includes the first two scopes, and the third scope (and any others I add) are missing.</P><P>Has anyone else encountered this? What could cause scopes to be omitted from the authorization URL when building it in React? Any tips or ideas to debug this would be appreciated!</P><P>Thanks in advance.</P><P>&nbsp;</P> Tue, 27 May 2025 15:19:07 GMT https://community.spotify.com/t5/Spotify-for-Developers/Spotify-OAuth-Scope-Parameter-Not-Included-In-Authorisation-URL/m-p/6985102#M17991 Tommyboy0797 2025-05-27T15:19:07Z