Authentication API failing in production right now

Reply
Highlighted

Re: Authentication API failing in production right now

Regular

I am experiencing the same thing since yesterday. We haven't changed anything either. After we get the code from the call to /authorize, I get the following when exchanging it for an access/refresh at /api/token.

 

{
    "error": "invalid_request",
    "error_description": ""
}

 

I can provide some cURLs if that will help with diagnosis.  

Highlighted

Re: Authentication API failing in production right now

Spotify
Spotify

Hey @rogerchang1 and @rohitganapathy. Are your apps open source? If so, you can link to them in the thread here and I'll take a look. You might also want to try the Glitch sample app that I linked to above. Let me know if this template is not working for you: https://glitch.com/~spotify-authorization-code

Highlighted

Re: Authentication API failing in production right now

Music Fan
Hey josh . So I have another app hooked up to the same Spotify API App but linked to a different redirect uri and OAuth seems to be working perfectly fine there. The glitch app doesn't help because our code is the same for both these apps but it works with one and not the other. My app is not open source but I can can get you the required screenshots and metadata you might need to investigate this? As mentioned earlier. I'm able to get an authorization code. So it basically boils down to the /token endpoint. Could this be a case of authorisation code being intercepted or something? Also do you have any idea why the error description is blank? Thanks for the reply. Stay safe and take care. Times are rough.
Highlighted

Re: Authentication API failing in production right now

Music Fan

I just tried creating another Spotify API App. Which means a new client ID and secret. Still getting the same error. In case that helps

Highlighted

Re: Authentication API failing in production right now

Regular
I tried the glitch app and it works there. However, my app is a react-native app with a redirect_uri back to the app. Another difference is I am using react-native-app-auth to authorize instead of calling spotifyApi.createAuthorizeUrl(). I've configured it similar to the second snippet where the tokenEndpoint points back to my server
https://github.com/FormidableLabs/react-native-app-auth/blob/master/docs/config-examples/spotify.md
Could it be possible that react-native-app-auth is passing different parameters to the spotify authorize url causing the code returned to not work?

Highlighted

Re: Authentication API failing in production right now

Regular
@spotifyjosh,
Actually, if I use the first configuration where I keep the secret in the app and set the tokenEndpoint to https://accounts.spotify.com/api/token, (like the first example here https://accounts.spotify.com/api/token) it works fine. I'm very puzzled. Is there any way to check the logs? I can give you whatever information is needed.
Highlighted

Re: Authentication API failing in production right now

Music Fan
hey my scenario is exactly the same! React native app + react native app auth hooked to a Django backend with the token swap happening on the Django server.
Highlighted

Re: Authentication API failing in production right now

Casual Listener

Uhm.

 

Even de cURL example from the documentation (replaced with correct values) fails with the exact same nondescript error. 

 

Specifically it's the token exchange that fails. 

 

 

Highlighted

Re: Authentication API failing in production right now

Spotify
Spotify

@rogerchang1 wrote:
Could it be possible that react-native-app-auth is passing different parameters to the spotify authorize url causing the code returned to not work?

Yes that could be the problem, @rogerchang1. Spotify does not support PKCE.  


@SleeplessByte, welcome to the forum. Which URL parameters did you include in the authorization request URI? 

Highlighted

Re: Authentication API failing in production right now

Spotify
Spotify

To be extra clear, I mean which query parameter keys does your app include after https://accounts.spotify.com/authorize? For example: show_dialog, scope 🙂

SUGGESTED POSTS