Type in your question below and we'll check to see what answers we can find...
Loading article...
Submitting...
If you couldn't find any answers in the previous step then we need to post your question in the community and wait for someone to respond. You'll be notified when that happens.
Simply add some detail to your question and refine the title if needed, choose the relevant category, then post.
Before we can post your question we need you to quickly make an account (or sign in if you already have one).
Don't worry - it's quick and painless! Just click below, and once you're logged in we'll bring you right back here and post your question. We'll remember what you've already typed in so you won't have to do it again.
I am building a playlist curation app using the API. Currently, I use the oauth workflow.
However, for my use case, it does not matter who the literal user is. My users can make playlists on my personal account, for all I care. I would use the 'implicit grant' auth flow, but I need to have a list of permissions.
How can I authorize other users to curate playlists in my Spotify account?
Here is a snippet.
un='musicfan'
pw='<>**bleep**('/login')
def login():
state = generate_random_string(16)
scope = "user-follow-read,user-modify-playback-state,playlist-read-private,playlist-modify-private,user-library-read"
return redirect('https://accounts.spotify.com/authorize?' +
urlencode({
'response_type': 'code',
'client_id': client_id,
'scope': scope,
'redirect_uri': redirect_uri,
'state': state
}))
It can't be done with a Authorization Token and a Refresh Token, that you'll need to generate using the Authorization Code Flow.
You'll need to create a page that sends you to the Spotify app authorization page, and prints out those tokens. You'll need to store these tokens on your server, so that your server side script can use them.
When the Authorization Token is expired, the token can be refreshed with the Refresh Token. When the Refresh Token is expired, you'll also get a new one of those. Store the new token(s) in the place of the old once.
Thank you, I'm currently using the Authorization Code Flow. This redirects my user to login and give my app permissions. The issue with this is that I don't need to access their information or make changes in their account.
I want them to be able to mess around in my account.
The next step is to let your app print out the Access Token and a Refresh Token. Your app needs those tokens to make changes on behave of you.
You can read how to refresh an Access Token at the same page.
(If everything works, you can archive the login page you've used to get the tokens.)
According to your example, the end-user still needs to login and authorize Spotify. Correct?
The owner of the playlists needs to log in once to get the required tokens.
Hey there you, Yeah, you! 😁 Welcome - we're glad you joined the Spotify Community! While you here, let's have a fun game and get…