Help Wizard

Step 1


Spotify PKCE Auth Invalid Client Secret

Spotify PKCE Auth Invalid Client Secret

Check StackOverflow for full code


I need to complete Authorization Code Flow with Proof Key for Code Exchange. In step 4, I get an error 400 - bad request. I can't understand what problem is.


 {"error":"invalid_request","error_description":"Invalid client secret"}. What? I used PKCE, why you need client secret?

1 Reply



Did you ever get this working?  I struggled with this for a bit until I found I had an odd typo in my code.  The weird thing was that the typo resulted in a URL that was valid for a regular auth flow, but not a PKCE flow.  So it would still return an authorization code that I could redeem for a regular auth flow token if I provided my client ID and secret.  Triple check your URL generator for the PKCE flow and make sure you don't have any typos there that could be causing this same issue.


Hope this helps!


- Will


Suggested posts