Token generated using Client Credentials workflow does not work for /me

Solved!


Hey,
I used the client credential authorization workflow and successfully generated an access token. I am able to retrieve information regarding user accounts and playlists when using /users in the URL. However, when I use /me to get my own playlists, currently playing song or recently played songs, it throws different error codes for every request.
Errors returned:
Recently Played - error : {status: 500, message: 'Server error.'}
Currently Playing - error : {status: 404, message: 'Invalid username'}
User Saved Albums - error : {status: 404, message: 'Missing Token'}
I have properly set up the scope as well. Please let me know the issue. I'll attach JS code in a comment.
Thanks!

Accepted Solutions
Marked as solution

What you used is called Client Credentials Flow: "Since this flow does not include authorization, only endpoints that do not access user information can be accessed."

You should use the Authorization Code with PKCE Flow instead.

Ximzend, Spotify Star
Help others find this answer and click "Accept as Solution".
If you appreciate my answer, maybe give me a Like.
Note: I'm not a Spotify employee.


3 Replies

JavaScript code for the above issue - 

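const request = require('request');

// Credentials are read from the environment (placeholder variable names).
const client_id = process.env.SPOTIFY_CLIENT_ID;
const client_secret = process.env.SPOTIFY_CLIENT_SECRET;

const getAccessToken = () => {
  var authOptions = {
    // Token endpoint; the url field was missing from the posted snippet.
    url: 'https://accounts.spotify.com/api/token',
    headers: {
      'Authorization': 'Basic ' + Buffer.from(client_id + ':' + client_secret).toString('base64'),
      'Content-Type': 'application/x-www-form-urlencoded'
    },
    form: {
      // Client Credentials grant: the token is issued to the app, not to a user.
      grant_type: 'client_credentials',
      scope: 'user-read-playback-state user-read-recently-played user-library-read'
    },
    json: true
  };

  request.post(authOptions, function(error, response, body) {
    if (!error && response.statusCode === 200) {
      var token = body.access_token;
      console.log(token)
      var options = {
        // One of the /me endpoints from the question (recently played).
        url: 'https://api.spotify.com/v1/me/player/recently-played',
        headers: {
          'Authorization': 'Bearer ' + token
        },
        json: true
      };
      // This is the request that returns the errors listed in the question.
      request.get(options, function(error, response, body) {
        console.log(body);
      });
    }
  });
};
getAccessToken();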

Thank You!

I figured that out. Instead I generated an Authorization code and stored it to generate a refresh token every time using the code.
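
The client-side pieces of the Authorization Code with PKCE flow recommended in the accepted solution, as an added example that is not part of the original thread and not Spotify's own code. The function names, client ID and redirect URI are assumptions for illustration; the scopes are the ones from the snippet posted above.

```javascript
const { createHash, randomBytes } = require('crypto');

const AUTHORIZE_URL = 'https://accounts.spotify.com/authorize';
// Scopes copied from the snippet posted in this thread.
const SCOPES = 'user-read-playback-state user-read-recently-played user-library-read';

// RFC 7636 verifier: 43-128 unreserved chars. 32 random bytes -> 43 base64url chars.
function generateCodeVerifier() {
  return randomBytes(32).toString('base64url');
}

// S256 challenge = BASE64URL(SHA-256(ASCII(verifier))), without padding.
function codeChallengeS256(verifier) {
  if (!/^[A-Za-z0-9\-._~]{43,128}$/.test(verifier)) {
    throw new Error('code_verifier must be 43-128 unreserved characters');
  }
  return createHash('sha256').update(verifier, 'ascii').digest('base64url');
}

// URL the user's browser is sent to. The user logs in and consents here, the
// step Client Credentials never performs, so its token has no user for /me.
function buildAuthorizeUrl({ clientId, redirectUri, verifier, state }) {
  const params = new URLSearchParams({
    client_id: clientId, response_type: 'code', redirect_uri: redirectUri,
    scope: SCOPES, state,
    code_challenge_method: 'S256', code_challenge: codeChallengeS256(verifier),
  });
  return `${AUTHORIZE_URL}?${params}`;
}

// Validate the redirect back to the app: the state must match, then return the code.
function extractCode(callbackUrl, expectedState) {
  const q = new URL(callbackUrl).searchParams;
  if (q.get('error')) throw new Error(`authorization failed: ${q.get('error')}`);
  if (q.get('state') !== expectedState) throw new Error('state mismatch');
  const code = q.get('code');
  if (!code) throw new Error('no code in callback');
  return code;
}

// Form body for POST https://accounts.spotify.com/api/token. No client secret:
// the verifier proves this is the client that started the flow.
function buildTokenRequestBody({ clientId, redirectUri, code, verifier }) {
  return new URLSearchParams({
    grant_type: 'authorization_code', code, redirect_uri: redirectUri,
    client_id: clientId, code_verifier: verifier,
  }).toString();
}
```

Keep the verifier and state server-side or in session storage between the redirect and the token request; the access token returned by that request is bound to the consenting user, which is what the /me endpoints require.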
