https://community.spotify.com/t5/Spotify-for-Developers/Small-omission-on-code-flow-auth-guide/m-p/5383815#M4625 <P><A href="https://developer.spotify.com/documentation/general/guides/authorization/code-flow/" target="_blank" rel="noopener">https://developer.spotify.com/documentation/general/guides/authorization/code-flow/</A></P><P>&nbsp;</P><P>In the section about requesting an access token, the guide does not make it clear that the "<SPAN>Authorization" header is not required if implementing the PKCE extension. Clarifying this is important as the main point of PKCE is that it does not require authorizing with a client secret. </SPAN></P><P>&nbsp;</P><P><SPAN>The guide <EM>does</EM> make it clear that this header is not required in the section about requesting a refreshed Access Token.</SPAN></P> Thu, 19 May 2022 09:20:34 GMT riokou 2022-05-19T09:20:34Z https://community.spotify.com/t5/Spotify-for-Developers/Small-omission-on-code-flow-auth-guide/m-p/5383815#M4625 <P><A href="https://developer.spotify.com/documentation/general/guides/authorization/code-flow/" target="_blank" rel="noopener">https://developer.spotify.com/documentation/general/guides/authorization/code-flow/</A></P><P>&nbsp;</P><P>In the section about requesting an access token, the guide does not make it clear that the "<SPAN>Authorization" header is not required if implementing the PKCE extension. Clarifying this is important as the main point of PKCE is that it does not require authorizing with a client secret. </SPAN></P><P>&nbsp;</P><P><SPAN>The guide <EM>does</EM> make it clear that this header is not required in the section about requesting a refreshed Access Token.</SPAN></P> Thu, 19 May 2022 09:20:34 GMT https://community.spotify.com/t5/Spotify-for-Developers/Small-omission-on-code-flow-auth-guide/m-p/5383815#M4625 riokou 2022-05-19T09:20:34Z