Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

Errors in authorization code flow documentation for refreshing token?

Errors in authorization code flow documentation for refreshing token?

Avatar of larsks
Newbie
2022-05-27 03:39 AM

According to the authorization code flow documentation, in order to use a refresh token to receive a new access token we need to POST a request to https://accounts.spotify.com/api/token with the following fields in the x-www-form-urlencoded body:

 

  • grant_type
  • refresh_token

And send an HTTP basic authorization header with the base64 "client_id:client_secret" value. That all translate into something like:

 

curl https://accounts.spotify.com/api/token \
  -d 'grant_type=refresh_token' \
  -d 'refresh_token=...' \
  -H "Authorization: Basic $(echo -n "$client_id:$client_secret"|base64 -w0)"

 

..but this doesn't appear to work. Following the suggestion of some random person on github, I am able to successfully request a new access token if I get rid of the authorization header and include in the request body:

 

  • grant_type
  • refresh_token
  • client_id
  • client_secret

That is:

curl https://accounts.spotify.com/api/token \
  -d 'grant_type=refresh_token' \
  -d 'refresh_token=...' \
  -d "client_id=$client_id" \
  -d "client_secret=$client_secret"

 

Is the documentation incorrect? Am I just lucky that the second form of the request works, even though it's not documented?  Thanks!

0 Likes
Reply
0 Replies

Suggested posts

Let's introduce ourselves!

Hey there you,   Yeah, you! 😁   Welcome - we're glad you joined the Spotify Community!   While you here, let's have a fun game and get…

Staff
ModeratorStaff / Moderator/ 3 years ago in Social & Random
Read more

Type a product name