https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439321#M6646 <BLOCKQUOTE><P class=""><SPAN>If I understand correctly, in response to the first API request, a browser is needed to display scopes and allow users to authorize the app. Subsequently, using what you suggest, the remaining steps (receiving the code, requesting tokens) can be done in the standalone app.</SPAN></P><HR /></BLOCKQUOTE><P>Yes, this is correct.</P><P>&nbsp;</P><BLOCKQUOTE><HR />Is the browser requirement due to security?<HR /></BLOCKQUOTE><P>Yes. Your app shouldn't have access to the Spotify user's username and password, so they need to login to their account in the browser. <STRONG>This process only needs to be done once.</STRONG>&nbsp;After that, you can refresh the access token as many times as you want.&nbsp;</P> Tue, 04 Oct 2022 16:56:01 GMT Peter_Schorn 2022-10-04T16:56:01Z https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5436737#M6590 <P>I want to play tracks for a user from a stand-alone application on a Windows computer. This application is written in Java. There doesn't appear to be a way to do the Authorization Code Flow for a user for this configuration. It looks like that can only be done from content hosted in a browser. Is that correct?</P><P>&nbsp;</P><P>I can do the Client Credentials Flow but that does not authenticate a user and hence I cannot play a track for the user with that.</P><P>&nbsp;</P><P><STRONG>Plan</STRONG></P><P>Premium</P><P><STRONG>Country</STRONG></P><P>US</P><P><STRONG>Device</STRONG></P><P>Laptop</P><P><STRONG>Operating System</STRONG></P><P>Windows 10</P> Wed, 28 Sep 2022 23:38:12 GMT https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5436737#M6590 umeshberry 2022-09-28T23:38:12Z https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5438404#M6627 <P>You can implement the authorization code flow from any application. You will need to open the authorization URL in the browser, but you can register a custom URL scheme for your Windows application (you'll have to do your own research on how to do this) so that Spotify redirects to your application after the user accepts your authorization request.</P> Sun, 02 Oct 2022 23:14:37 GMT https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5438404#M6627 Peter_Schorn 2022-10-02T23:14:37Z https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439181#M6642 <P>Thanks. If I understand correctly, in response to the first API request, a browser is needed to display scopes and allow users to authorize the app. Subsequently, using what you suggest, the remaining steps (receiving the code, requesting tokens) can be done in the standalone app. This helps improve the user experience, but it is still not seamless. Ideally, the app would request authorization and the user would authorize from within the app without switching to a browser.</P><P>&nbsp;</P><P>Is the browser requirement due to security? I am a newbie when it comes to security... can anyone provide insight on if that is the case and why?</P> Tue, 04 Oct 2022 12:24:48 GMT https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439181#M6642 umeshberry 2022-10-04T12:24:48Z https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439321#M6646 <BLOCKQUOTE><P class=""><SPAN>If I understand correctly, in response to the first API request, a browser is needed to display scopes and allow users to authorize the app. Subsequently, using what you suggest, the remaining steps (receiving the code, requesting tokens) can be done in the standalone app.</SPAN></P><HR /></BLOCKQUOTE><P>Yes, this is correct.</P><P>&nbsp;</P><BLOCKQUOTE><HR />Is the browser requirement due to security?<HR /></BLOCKQUOTE><P>Yes. Your app shouldn't have access to the Spotify user's username and password, so they need to login to their account in the browser. <STRONG>This process only needs to be done once.</STRONG>&nbsp;After that, you can refresh the access token as many times as you want.&nbsp;</P> Tue, 04 Oct 2022 16:56:01 GMT https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439321#M6646 Peter_Schorn 2022-10-04T16:56:01Z https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439376#M6647 <P>Got it. Thanks.</P> Tue, 04 Oct 2022 18:44:35 GMT https://community.spotify.com/t5/Spotify-for-Developers/Authorization-Code-Flow-from-stand-alone-application/m-p/5439376#M6647 umeshberry 2022-10-04T18:44:35Z