Scopes listed at well-known oidc configuration are...

Netlob · 2021-09-24

The openid configuration at https://accounts.spotify.com/.well-known/openid-configuration lists the following scopes:

- email

- openid

- profile

But when trying to use one of these 3 scopes the oauth2 "invalid_scopes" error is thrown 😞 Which is understandable for the email and profile scope, but not for the openid scope since it's required by the open id connect spec

Just a heads up 🙃

Peter_Schorn · 2021-09-24

The list of scopes used by the Spotify web API are listed here:

https://developer.spotify.com/documentation/general/guides/scopes/

Netlob · 2021-09-24

Hi Peter,

Thanks for your answer. I’m aware of that list, but this was more of a heads up about the listed scopes not being supported (and the openid scope missing completly) 😅

Peter_Schorn · 2021-09-25

I don't know what openid is. Where is the documentation from Spotify about this?

Netlob · 2021-09-27

https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
> REQUIRED. OpenID Connect requests MUST contain the openid scope value. OPTIONAL scope values of profile, email, address, phone, and offline_access are also defined. See Section 2.4 for more about the scope values defined by this document.

Peter_Schorn · 2021-09-27

This document does not mention Spotify. Where is the documentation that suggests that the Spotify web API supports OpenID?

ohej · 2021-10-04

Hi there

OpenID Connect is not a support authorization protocol for our WebAPI at this stage. You'll have to use OAuth with the scopes listed here: https://developer.spotify.com/documentation/general/guides/scopes/

We support PKCE, Code Flow, Client Credentials Flow and Implicit Grant. See https://developer.spotify.com/documentation/general/guides/authorization-guide/ for more info.

Help categories

Account & Payment

Using Spotify

Listen Everywhere