Api returning 500 error

marinagarat · 2023-08-04

Hello, everyone! I'm trying to get my recently played tracks and I'm getting a 500 error. This is my code, let me know if I'm doing something wrong. Thank you very much!

fetch("https://accounts.spotify.com/api/token?grant_type=client_credentials&client_id=<client_id>&client_secret=<client_secret>&scope=user-read-recently-played", {
  method: "POST",
  headers: {
    "Content-Type": "application/x-www-form-urlencoded",
  }
})
.then(response => response.json())
.then((response) => {
  fetch("https://api.spotify.com/v1/me/player/recently-played", {
    headers: {
      "Authorization": "Bearer " + response.access_token
    }
   
  })
})

Ximzend · 2023-08-04

"Since the Client Credentials flow does not include authorization, only endpoints that do not access user information can be accessed."

You should use another flow, mentioned at this page instead

XimzendSpotify Star

Help others find this answer and click "Accept as Solution".

If you appreciate my answer, maybe give me a Like.

Note: I'm not a Spotify employee.

anegri · 2023-08-05

+1, I would love to use the client credentials to grab data about the current user (who is associated with the client creds) during build time for a static site. This is a use case that doesn't have a good solution right now.

Any chance Spotify devs could allow for this?

Ximzend · 2023-08-05

@anegri "In scenarios where storing the client secret is not safe (e.g. desktop, mobile apps or JavaScript web apps running in the browser), you can use the authorization code with PKCE, as it provides protection against attacks where the authorization code may be intercepted."

XimzendSpotify Star

Help others find this answer and click "Accept as Solution".

If you appreciate my answer, maybe give me a Like.

Note: I'm not a Spotify employee.

Help categories

Account & Payment

Using Spotify

Listen Everywhere