Why am I getting a new refresh_token when I request a refreshed access token?


Why am I getting a new refresh_token when I request a refreshed access token?

Casual Listener

I am use the authorization code flow for authentication with my app. When my access_token is about to expire and I request a new one using my refresh_token, Spotify does the request but also provides me a new refresh_token and invalidates my previous one.


I am following the flow described here: https://developer.spotify.com/documentation/general/guides/authorization-guide/#authorization-code-f...

Step 4 indicates that the response will be the following: 

   "access_token": "NgA6ZcYI...ixn8bUQ",
   "token_type": "Bearer",
   "scope": "user-read-private user-read-email",
   "expires_in": 3600

However, I get the following response: 





{ access_token:"BQA...GWU",
  token_type: 'Bearer',
  expires_in: 3600,
   'playlist-read-private playlist-read-collaborative user-follow-read playlist-modify-private user-read-email user-read-private app-remote-control user-follow-modify user-modify-playback-state user-library-read user-library-modify playlist-modify-public user-read-playback-state user-read-currently-playing user-read-recently-played user-top-read' }




Note the "refresh_token" in the response. 

1 Reply


Interesting, what language are you using? I am also having issues with my tokens in Swift, but I can't even get a return :/... When using the cURL command I can get a proper refresh token, but not when I request in Swift. (I am fairly new to using API's so my code might just be poor)