Spotify Community

Hi. Yes, see below:

client_id = ''

client_secret = ''

redirect_uri = 'http://localhost:8888/callback'

scope = 'user-read-recently-played'

token_url = 'https://accounts.spotify.com/api/token'

history_url = 'https://api.spotify.com/v1/me/player/recently-played'

base64_auth = b64encode(f'{client_id}:{client_secret}'.encode()).decode('utf-8')

def get_access_token():

    headers = {

        'Authorization': f'Basic {base64_auth}',

        'Content-Type': 'application/x-www-form-urlencoded',

    }

    data = {

        'grant_type': 'client_credentials',

        'scope': 'user-read-recently-played',

    }

    response = requests.post(token_url, headers=headers, data=data)

    return response.json().get('access_token')

def get_recently_played(access_token):

    headers = {

        'Authorization': f'Bearer {access_token}',

    }

    response = requests.get(history_url, headers=headers)

    return response.json()

access_token = get_access_token()

recently_played = get_recently_played(access_token)

print(recently_played) # I get  {'error': {'status': 500, 'message': 'Server error.'}}    here

Also, what is the life of a refresh token?

The problem is  'grant_type': 'client_credentials'

Since the Client Credentials flow does not include authorization, only endpoints that do not access user information can be accessed. Therefore, in this case, you should use a different Authorization method that lets you log in.

I don't know the lifetime of a refresh token. You will get a new one if it is expired when you refresh the access token.

Hi Ximzend,

I understand that, so I tried to get a refresh token which I was able to do to get a new access token to make a request which worked. However, the refresh token I used was only able to be used once then I got {"error":"invalid_grant","error_description":"Refresh token revoked"} when I tried to use the same token to get a new access token after 3600 seconds since it had expired. I am looking for a way to generate a refresh token manually every so often as in weeks to update and then use that refresh token to generate a new access token on a schedule such as daily in a scheduled script. How can I generate a refresh token with an extended life and have the permissions to be reused for its lifetime?

In some cases, you can use the refresh token only once, so you should get a new one after every refresh.

Note: your code doesn't use anything of the Python module Spotipy...

So how can I get a new token after every refresh? I want to run this code on AWS Lambda without the need to have a URL open and have to accept and then get a token. I am willing to do that every so often as every few weeks but I need the script to run very often and authenticate itself on its own. I tried using Spotipy which worked fine locally but the Lambda function cannot authenticate because I cannot open the URL. I also tried on an EC2 to no avail.  Any suggestions? 

Hi Ximzend,

That seemed to work. I took the local .cache file and put it on my EC2. It will continue to update on its own, correct? Thanks for all the help, I appreciate it.

Yes. But keep in mind that when the script doesn't run for a long while, the refresh token will be too old to renew the access token. I don't know for how long, but it lasts definitely more than a week.

Hi Ximzend,

If I am running it every 30 min it will update, correct?

Yes, definitely. That's a much shorter time period than a week.

Fantastic. Thanks for all the help.