starred/Spotify-Canvas-API
1
0
Fork 0
mirror of https://github.com/Paxsenix0/Spotify-Canvas-API.git synced 2026-04-27 08:15:52 +03:00
Code Issues 1 Projects Releases 3 Packages Wiki Activity

[GH-ISSUE #1] 400 Status Code #3

New issue
Closed
opened 2026-02-27 20:21:30 +03:00 by kerem · 16 comments
kerem commented 2026-02-27 20:21:30 +03:00
Owner
Copy link

Originally created by @JoeMama54 on GitHub (Jul 1, 2025).
Original GitHub issue: https://github.com/Paxsenix0/Spotify-Canvas-API/issues/1

It appears that open.spotify.com/api/token is now returning a 400 bad request code and makes the webserver unusable.

Originally created by @JoeMama54 on GitHub (Jul 1, 2025). Original GitHub issue: https://github.com/Paxsenix0/Spotify-Canvas-API/issues/1 It appears that open.spotify.com/api/token is now returning a 400 bad request code and makes the webserver unusable.
kerem closed this issue 2026-02-27 20:21:30 +03:00
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@PeterStark000 commented on GitHub (Jul 1, 2025):

Same problem!

<!-- gh-comment-id:3025822306 --> @PeterStark000 commented on GitHub (Jul 1, 2025): Same problem!
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Jul 1, 2025):

@JoeMama54 You're right, something has changed. I'll investigate this issue.

<!-- gh-comment-id:3025851303 --> @Paxsenix0 commented on GitHub (Jul 1, 2025): @JoeMama54 You're right, something has changed. I'll investigate this issue.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Jul 2, 2025):

Let me know if the issue still persists! :)

<!-- gh-comment-id:3025908181 --> @Paxsenix0 commented on GitHub (Jul 2, 2025): Let me know if the issue still persists! :)
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@JoeMama54 commented on GitHub (Jul 2, 2025):

With the new patch I get a Unauthorized 401 status code now. @Paxsenix0

<!-- gh-comment-id:3026161891 --> @JoeMama54 commented on GitHub (Jul 2, 2025): With the new patch I get a Unauthorized 401 status code now. @Paxsenix0
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@JoeMama54 commented on GitHub (Jul 2, 2025):

Nevermind! Figured out why. dotenv was doing something weird.

<!-- gh-comment-id:3026175195 --> @JoeMama54 commented on GitHub (Jul 2, 2025): Nevermind! Figured out why. dotenv was doing something weird.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 9, 2025):

Spotify seems to have changed something again, I'm getting 400 and tried everything.

<!-- gh-comment-id:3054005791 --> @Inzaniity commented on GitHub (Jul 9, 2025): Spotify seems to have changed something again, I'm getting 400 and tried everything.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@JoeMama54 commented on GitHub (Jul 9, 2025):

@Inzaniity
It is still up and working for me
image
I would try updating your SP_DC and pulling the latest changes.

<!-- gh-comment-id:3054031138 --> @JoeMama54 commented on GitHub (Jul 9, 2025): @Inzaniity It is still up and working for me ![image](https://github.com/user-attachments/assets/21d489f8-8840-4bc6-9ceb-378dbd8333c2) I would try updating your SP_DC and pulling the latest changes.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 9, 2025):

I created a new SP_DC, pulled the latest code and tried it but no chance I always get 400
Canvas request error: AxiosError: Request failed with status code 400

Tried multiple SP_DC cookies but never works :(

From what I can tell it fails to get the token and therefore does not even try for the canvas

<!-- gh-comment-id:3054094292 --> @Inzaniity commented on GitHub (Jul 9, 2025): I created a new SP_DC, pulled the latest code and tried it but no chance I always get 400 `Canvas request error: AxiosError: Request failed with status code 400` Tried multiple SP_DC cookies but never works :( From what I can tell it fails to get the token and therefore does not even try for the canvas
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@JoeMama54 commented on GitHub (Jul 9, 2025):

How are you setting your SP_DC? I had this issue too and I needed to put

import dotenv from 'dotenv';

dotenv.config();

in spotifyAuthService.js for mine to work. @Inzaniity

<!-- gh-comment-id:3054107275 --> @JoeMama54 commented on GitHub (Jul 9, 2025): How are you setting your SP_DC? I had this issue too and I needed to put ``` import dotenv from 'dotenv'; dotenv.config(); ``` in spotifyAuthService.js for mine to work. @Inzaniity
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 9, 2025):

How are you setting your SP_DC? I had this issue too and I needed to put `import dotenv from 'dotenv';

dotenv.config(); ` in spotifyAuthService.js for mine to work. @Inzaniity

Yeah I saw that you had trouble, but even putting it directly into the spotifyAuthService.js is not working

What I observed so far is that I have a difference between localTime and serverTime but I think that is expected.
Localtime 1752096650243
Servertime 1752096649000
Difference 1243

On this code it errors

  const response = await axios.get(url.toString(), {
    headers: {
      "User-Agent": userAgent(),
      Origin: "https://open.spotify.com/",
      Referer: "https://open.spotify.com/",
      Cookie: `sp_dc=${SP_DC}`,
    },
  });

But the SP_DC is in the request itself

Image
<!-- gh-comment-id:3054113986 --> @Inzaniity commented on GitHub (Jul 9, 2025): > How are you setting your SP_DC? I had this issue too and I needed to put `import dotenv from 'dotenv'; > > dotenv.config(); ` in spotifyAuthService.js for mine to work. [@Inzaniity](https://github.com/Inzaniity) Yeah I saw that you had trouble, but even putting it directly into the spotifyAuthService.js is not working What I observed so far is that I have a difference between localTime and serverTime but I think that is expected. Localtime 1752096650243 Servertime 1752096649000 Difference 1243 On this code it errors ```JS const response = await axios.get(url.toString(), { headers: { "User-Agent": userAgent(), Origin: "https://open.spotify.com/", Referer: "https://open.spotify.com/", Cookie: `sp_dc=${SP_DC}`, }, }); ``` But the SP_DC is in the request itself <img width="915" height="248" alt="Image" src="https://github.com/user-attachments/assets/b5db4994-2f70-459c-bcd2-5f24a5bef02c" />
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 9, 2025):

I got it working sorry for the trouble. I don't know why but cloning the repo again helped.

<!-- gh-comment-id:3054213716 --> @Inzaniity commented on GitHub (Jul 9, 2025): I got it working sorry for the trouble. I don't know why but cloning the repo again helped.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Jul 10, 2025):

Hello @Inzaniity Sorry for the inconvenience!
2 days ago, i pushed a commit due to a changed totp secret, but didn't publish a release.

<!-- gh-comment-id:3054609717 --> @Paxsenix0 commented on GitHub (Jul 10, 2025): Hello @Inzaniity Sorry for the inconvenience! 2 days ago, i pushed a commit due to a changed totp secret, but didn't publish a release.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 11, 2025):

Hate to post here again but I'm getting 400 and 401 again, tried new SP_DC cookies etc. Anyone else experiencing this? Was able to grab 46k (running an app with thousands of users, maybe should reconsider the way I grab canvases) canvas urls in the past 2 days but now I'm stuck again.

<!-- gh-comment-id:3062873981 --> @Inzaniity commented on GitHub (Jul 11, 2025): Hate to post here again but I'm getting 400 and 401 again, tried new SP_DC cookies etc. Anyone else experiencing this? Was able to grab 46k (running an app with thousands of users, maybe should reconsider the way I grab canvases) canvas urls in the past 2 days but now I'm stuck again.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@JoeMama54 commented on GitHub (Jul 11, 2025):

I am also getting a 401 currently.

<!-- gh-comment-id:3062886988 --> @JoeMama54 commented on GitHub (Jul 11, 2025): I am also getting a 401 currently.
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Jul 11, 2025):

I am also getting a 401 currently.

Might be worth reopening? Or make a new one?

<!-- gh-comment-id:3063768797 --> @Inzaniity commented on GitHub (Jul 11, 2025): > I am also getting a 401 currently. Might be worth reopening? Or make a new one?
kerem commented 2026-02-27 20:21:30 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Jul 12, 2025):

@Inzaniity @JoeMama54 I'm thinking that Spotify often changes their secrets totp and increases totpVer.

<!-- gh-comment-id:3064707059 --> @Paxsenix0 commented on GitHub (Jul 12, 2025): @Inzaniity @JoeMama54 I'm thinking that Spotify often changes their secrets totp and increases totpVer.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
2.0.5
2.0.0
1.0.0
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Spotify-Canvas-API#3
No description provided.