[GH-ISSUE #726] Unnecessary user-read-birthdate and user-read-email scopes? #1367

New issue

Closed

opened 2026-03-14 14:33:02 +03:00 by kerem · 4 comments

kerem commented 2026-03-14 14:33:02 +03:00

Owner

Copy link

Originally created by @sandersantema on GitHub (May 15, 2025).
Original GitHub issue: https://github.com/aome510/spotify-player/issues/726

Describe the bug
The user-read-birthdate and user-read-email scopes are included in the authentication process.

There's no user impact, but they do give a bit of concern. You could think: why would spotify-player want my email and birthday? I don't necessarily think a project with 4.4k stars would do anything nefarious, but it did raise an eyebrow for me. It seems it would be better to remove these scopes if they are indeed unnecessary.

Expected behaviour
No unnecessary scopes.

Originally created by @sandersantema on GitHub (May 15, 2025). Original GitHub issue: https://github.com/aome510/spotify-player/issues/726 **Describe the bug** The `user-read-birthdate` and `user-read-email` scopes are included in the authentication process. There's no user impact, but they do give a bit of concern. You could think: why would spotify-player want my email and birthday? I don't necessarily think a project with 4.4k stars would do anything nefarious, but it did raise an eyebrow for me. It seems it would be better to remove these scopes if they are indeed unnecessary. **Expected behaviour** No unnecessary scopes.

kerem 2026-03-14 14:33:02 +03:00

• closed this issue
• added the
  good first issue
  label

kerem commented 2026-03-14 14:33:18 +03:00

Author

Owner

Copy link

@gumaath commented on GitHub (May 17, 2025):

Agreed, i think the user-read-birthdate maybe has some impact on Spotify's API, like explicit songs or something.

<!-- gh-comment-id:2888536326 --> @gumaath commented on GitHub (May 17, 2025): Agreed, i think the `user-read-birthdate` maybe has some impact on Spotify's API, like explicit songs or something.

kerem commented 2026-03-14 14:33:24 +03:00

Author

Owner

Copy link

@aome510 commented on GitHub (Jun 22, 2025):

Feel free to put up a PR and change it yourself. You can also make the passed scopes configurable

<!-- gh-comment-id:2994414333 --> @aome510 commented on GitHub (Jun 22, 2025): Feel free to put up a PR and change it yourself. You can also make the passed scopes configurable

kerem commented 2026-03-14 14:33:29 +03:00

Author

Owner

Copy link

@krishna4040 commented on GitHub (Jun 28, 2025):

Are these scopes safe to remove? can i put a PR?

<!-- gh-comment-id:3016036536 --> @krishna4040 commented on GitHub (Jun 28, 2025): Are these scopes safe to remove? can i put a PR?

kerem commented 2026-03-14 14:33:34 +03:00

Author

Owner

Copy link

@alexjyong commented on GitHub (Jul 8, 2025):

@krishna4040 fork the repo, remove the scopes, build the project with cargo build --release after setting up rust/cargo on your machine if you haven't already and see what happens I guess.

<!-- gh-comment-id:3050310017 --> @alexjyong commented on GitHub (Jul 8, 2025): @krishna4040 fork the repo, remove the scopes, build the project with `cargo build --release` after setting up rust/cargo on your machine if you haven't already and see what happens I guess.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

phase2

fix-broken-pipe

v0.0.0

v0.23.0

v0.22.1

v0.22.0

v0.21.3

v0.21.2

v0.21.1

v0.21.0

v0.20.7

v0.20.6

v0.20.5

v0.20.4

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.1

v0.18.2

v0.18.1

v0.18.0

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.2

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.1

v0.12.0

v0.11.1

v0.11.0

v0.10.0

v0.9.8

v0.9.6

v0.9.5

v0.9.4

v0.9.3

v0.9.2

v0.9.0

v0.8.0

v0.7.0

v0.6.0

v0.5.2

v0.5.1

v0.5.0

v0.4.0

v0.3.0

v0.2.0

v0.1.1

v0.1.0

Labels

Clear labels   

bug

  

documentation

  

enhancement

  

good first issue

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

third-party

  

third-party

  

wontfix

No labels

bug

documentation

enhancement

good first issue

help wanted

pull-request

question

third-party

third-party

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/spotify-player#1367

No description provided.