Announcements

Help Wizard

Step 1

NEXT STEP

add scope in request token in C#

add scope in request token in C#

Plan

Premium

Country
France


Hi, I'm trying to get the token but I need some scope to be added , this code works for any other request that don't require scope... 
Can you point me in the right direction please ... 😃

 

 

 

 

 

 

 

public string GetAccessToken() 
{ string url5 = "https://accounts.spotify.com/api/token"; 
var clientid = " my client id here "; 
var clientsecret = " client secret "; 

var encode_clientid_clientsecret = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:{1}", clientid, clientsecret))); 
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url5); webRequest.Method = "POST"; 
webRequest.ContentType = "application/x-www-form-urlencoded"; webRequest.Accept = "application/json"; webRequest.Headers.Add("Authorization: Basic " + encode_clientid_clientsecret); var request = ("grant_type=client_credentials"); byte[] req_bytes = Encoding.ASCII.GetBytes(request); 
webRequest.ContentLength = req_bytes.Length; Stream strm = webRequest.GetRequestStream(); 
strm.Write(req_bytes, 0, req_bytes.Length); 
strm.Close();
HttpWebResponse resp = (HttpWebResponse)webRequest.GetResponse(); 
String json = ""; 
using (Stream respStr = resp.GetResponseStream()) { 
using (StreamReader rdr = new StreamReader(respStr, Encoding.UTF8)) { 
json = rdr.ReadToEnd(); 
rdr.Close(); } } 
return json;

 

 

 

 

 

 

 

 



 

Reply
8 Replies

That's because, in your code, you use 

 

("grant_type=client_credentials")

 

Client Credentials can't be used with Scopes.

Use the Authorization Code Flow instead.

yeah I saw that , so next question , as I am the user of the app , could I avoid the step that open a browser source ? 
basically, just getting the token without having to get that page , maybe with an Async method in C# ? 

You can't skip the first login through the browser, but after that, you can keep using refresh tokens to get new access tokens.

Example:

  1. User logs in through the browser.
  2. You'll get an Access Token and a Refresh token. Store the Refresh Token for later use.
  3. <60 minutes pass / access token expires>
  4. Request a new Access Token with the stored Refresh token.
  5. Like in step 2, You'll get a new Access Token and a new Refresh token. Replace the old stored Refresh Token with the new  for later use.

How it technically works, you can read on the same page I already linked: Authorization Code Flow.

I forgot to add: when you don't get a new Refresh token, you can keep using the old one.

thx for your responses, I got it to work with grant_type=authorization_code

I got one more question, what happens if a user receive Ads ? is there any endpoint where I can get that information ? what will be sending in that case ? 

hi, me again 
Finally I get some trouble to get scopes added to my OAuth

https://accounts.spotify.com/authorize?client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&scopes=user-modify-playback-state&response_type=code&redirect_uri=http%3a%2f%2f127.0.0.1%3a1300%2fspotifyOAuthRedirectUri%2f

What's wrong in the link plz ? ? 

ok I see, I think it's because I'm not doing it the right way : GET request ... 

it was a typo : scopes= instead of scope= 

Suggested posts