Yall did all this and didn't actually outline what the exact changes to the Developer Terms are? I hate it here

I was able to create auth tokens and refreshtokens for a small app yesterday (15 april) with the web api and it works perfectly. the redirect_uri that i used was "https://httpbin.org/anything".

Thoughts on the specific changes here are... I'm not sure what has actually changed for developers who are accustomed to being told "no" to their requests after months of waiting with little tangible feedback (based on the forums here). Maybe it makes it clear that the answer will probably be "no?" There are a few more named criteria in the blog post, but they don't seem particularly clear ("established, scalable, and impactful use cases" kind of sounds like "no novel ideas allowed"). Is it all really just a way of saying "stop bugging us with requests for your cute little apps so we can focus on other more important things?" If so, saner rate limits (particularly cooldowns) for the developer mode calls would probably be much more effective since that's the only reason I personally ever applied for the extension. Before it was approved, I was stuck with rotating two or three client keys because it seemed like once a limit was hit on a particular endpoint, the 429s would just be there indefinitely. 

More general thoughts are that it feels like the Spotify team is gradually sunsetting all meaningful third-party non-official-partner contributions to the ecosystem.  This is obviously in conjunction with the last several announcements of the Web API being nerfed (I thankfully escaped that one). 

I suspect there must be a growing concern about the API being used to scrape data to train AI models... but honestly it seems like that ship has probably already sailed and now it's just punishing folks who actually want to do interesting things with Spotify. Hobbyists and coders that are just trying to do something cool (not least of which are probably students who might aspire to be engineers for Spotify one day) are going to struggle for a little while and give up, making all of this seem like a very short-sighted strategy for maintaining a position at the top of the industry. At just the moment when no-code/low-code/vibe-code/whatever tools are making it possible for non-technical people to try out interesting and niche ideas, Spotify is closing the gate on them. 

I was fortunate and had my app's extension approved just before the hammer fell a few months ago, but am now kind of scared to request additional scopes because it might just result in losing the access I *do* have since my user base is currently very small. 

Hope these thoughts are helpful. I've enjoyed very much building with the Spotify API and hope I can continue to do so!

I have to agree with the thoughts above. I have no idea what this means in terms of criterion for apps/integrations.

Reading between the lines of the terms it seems like you're actually saying "Every approval is discretionary now, even if you're following our guidelines/terms" which implicitly means "you shouldn't bother building something new unless you're already talking with us directly."

If so, it'd be great for Spotify to just come out and say it explicitly and save everybody a lot of time and effort. That would be a disappointing outcome because it closes the door on apps that are small today, but that's 100% Spotify's prerogative to do.

Very unclear what these changes actually entail.

Spotify, be careful not to discourage founders and new creators. With your change to the API a few months ago, you seem to already be headed down that path. Stifling innovation within your developer community would be your downfall.

Trying to get clarity on what exactly this means. In "App Status" on my Developer page says "Granted Quota Extension". Is this the same thing as extended Web API access as defined in the blog post? If so, am I grandfathered in to this status or can it be revoked under the new policy? Thanks for any feedback. 

Hello Spotify team,

I’ve been a passionate Spotify user for over 10 years. Your platform has changed how we connect to music, and now, I'm building something that I believe can deepen how people connect to each other through music (and more!) in a way that is emotional, private, and meaningful.

I’m currently developing Phaseur, an app designed to let people discover emotional resonance in particular through the music they love. But here's the twist: it’s not about public profiles, feeds, or algorithms. It’s cryptographically private. People share their music signals, not their identities, and when two signals "interfere" constructively, they resonate,  something beautiful happens. It’s a social mirror, powered by what we listen to, but the user stays in control the whole time.

The app is still in early development, but I’m putting my soul into it. I’m designing every part to be:

• User-centered: zero extraction, no surveillance capitalism

• Privacy-preserving: based on encrypted exchanges and no central data harvesting, minimizing server necessity to the minimal and encouraging local and p2p interactions

• Built on cryptography: using private set intersection (PSI) and secure protocols to compare listening tastes without ever revealing raw data

I’ve read Spotify’s developer policy carefully, and I’m confident my usecase is compliant. But the recent changes to quota criteria now threaten the very possibility of launching:

The new criteria include:

• Having an established business entity

• Operating an active and launched service

• Maintaining at least 250k MAUs

• Being available in key Spotify markets

These thresholds make it impossible to start small. Going from 25 users in dev mode to 250k MAUs before qualifying for quota extension is not just unrealistic — it actively kills innovation.

Spotify used to empower creators. Please don’t become a platform that only supports scaled businesses and VC-backed startups. Give room for the misfits, the solo builders, the cryptography nerds with a vision. If you close that door now, apps like Phaseur — that could change how people feel seen and heard — will die in silence.

I truly hope you’ll reconsider. The world needs more meaningful connection, not more friction. Spotify has the power to be a catalyst for that.

Thank you for your time.

So my understanding based on this is if we are solo devs trying to start something new with the Spotify API we just... can't anymore?

My solo project I've been working on for almost a year is dead just like that?

I wanted to add my voice here after spending nearly a year working toward extended access for my app, only to recently be repeatedly rejected time and time again with little no to feedback or justification and now completely shut down based on the updated Developer Policy.

I completely understand the need to protect Spotify’s platform and content. However, the new blanket prohibition on any analysis of Spotify content (even basic user-facing insights that have powered popular and harmless apps like Receiptify, Obscurify etc.) feels disproportionate.

It punishes genuine innovation, personal-use projects, and educational apps, lumping them together with large-scale data mining or machine learning misuse.

It’s incredibly disheartening to have followed all branding and privacy requirements, invested months into development, and still be rejected after minor compliance issues were addressed — simply because the overall use case (helping users understand their own listening) now falls under “analysis.”

I understand the need for caution, but I believe there’s a meaningful difference between:

• Large-scale benchmarking / scraping / commercialization (which should be banned)
  and

• Personal, user-authorized, individual insights that enrich a user’s own experience.

It feels like the new policy could easily carve out room for non-commercial, user-facing apps that do not aggregate, resell, or externally share Spotify content.

Right now, it feels like the door has been closed on an entire ecosystem of small, creative projects — the very kinds of projects that made Spotify’s developer community exciting in the first place.

I truly hope Spotify reconsiders this direction, or at least clarifies if there will ever be pathways for compliant, user-first applications again.

Thank you for listening.

I've just spent the afternoon adding even more Spotify logos and links to my app to see if I can get the person reviewing the app to notice them and grant approval on the third attempt, after twice being reject for allegedly not having these (even though they were definitely there).

I then came here to submit my extension request, only to be greeted by this news, and the realisation I'd had a wasted afternoon, as there was now little point submitting my request.

All I want is to be able to have a little more than 25 users, and not have to get them to share their email addresses with me first.

My app is a very simple single-page static site. I only really need an extension as I don't have a backend to my app. I guess I'm just going to have to develop one instead now.

I also agree with other comments that its ridiculous / impossible to expect developers to get to 250K+ MAU when developer mode limits us to 25 users. What are you smoking in Spotify towers?

Can you please give extended quota app owners a heads up either way?  I really want my modest project to live and have always tried to be in compliance with any terms.  I'd like to think my site is going to be working past May 15th, but I get the sense that having a scalable, impactful use case can be interpreted broadly and so there is no way for me to know its fate.

This is kind of making me sick and I doubt I'm alone.  So be nice and drop us a line as soon as possible.

mixmoose.com

Hi Spotify team! I’d love to see the Sonantic AI voice technology made available as a public tool again. It had amazing potential for content creation, accessibility, and storytelling. Please consider releasing it as a standalone product or API!

So I have spent a year developing my app and another year being rejected for quota extension with little to no feedback. One of them literally just said "The app doesn't work", and I immediately replied to the email with a screen recording showing the app fully functional. Of course, no replies to emails and the only option is to apply again and wait for 3 more months.

I am on my 6th attempt and now seeing this message. Honestly, it now makes a lot more sense why this extension process has been setup to be the most inefficient process I have ever seen. Clearly, Spotify doesn't care about small developers and just have this "community" as a "look how wonderful and tolerant we are" front, while hoping that this extremely tedious extension process will just make most give up on their own. Eventually they were just like **bleep** it, we're just coming out and saying it. We don't like y'all, we never really did. Yours truly, Spotify.

Yes, it is a privilege that they allow their API to be used in third party apps, but let's not pretend that this isn't a symbiotic relationship where these apps also bring new/returning users to Spotify, ESPECIALLY given how many places we are forced to slap the Spotify logo and link back to the app. Not to mention, API use is now basically a standard for most big platforms like Spotify, who don't require you to jump through a million hoops and just stick with rate limiting to control it's use like a normal freaking platform.

Spotify, please don't do this. We beg of you. And if you're going to **bleep** us anyways, at least come out and say it with your chest and just shut down the whole damn "developer community".

Spotify's positioning is oddly hostile towards small developers. If you read between the lines, it seems like the policy is basically saying, ideally, Spotify would only like to work with software organizations of a similar size. Organizations which make 9 to 10 figures in revenue annually. Instead of just saying this is a closed API for private partnerships, there seems to be some covert sabotage of the program. Impossibly low rate limits, and possibly high monthly active user requirements for new startups who would like to integrate Spotify into their products.

I echo the other sentiment of my fellow Spotify developers when I say, if you don't actually want to work with us, it would be better to simply say that instead of creating all this ambiguity and difficulty for us so that we could put our development energy towards APIs within organizations who truly wish to be collaborative. It would be less annoying for you and very much less annoying for us.

Spotify as a company seems to be frightened to build a strong dev platform without first trying to do things vertically integrated in their app. This is not how you bring the most value to the end user. If there were some fees for app builders to use the deprecated API with analyses and stats on songs it would be much better than just shutting them down.
Also your new Spotify Developer Terms seem reasonable, it is yet to see how you will process requests where a developer can prove that API data are not "ingested" in the AI pipeline and used in a stateless way to answer requests and then destroyed. Currently T&C formulation gives an impression of you building a moat.