[GH-ISSUE #198] Access Spotify Web API PHP via JS Fetch API #134

New issue

Closed

opened 2026-02-27 19:26:14 +03:00 by kerem · 1 comment

kerem commented

2026-02-27 19:26:14 +03:00

Owner

Originally created by @brandonmcconnell on GitHub (Jul 12, 2020).
Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/198

I'm calling out to my own request.php file from my homepage on the same domain (index.php), but I get the JS error in my console:
GET https://…/request.php net::ERR_CERT_INVALID (anonymous) @ VM52:1

I expected this to work without error, but when I visit my request.php directly in a new incognito window, I am prompted once again to authenticate with Spotify. How can I permanently authenticate myself (more than auth flow) so that anyone visiting request.php would see my Spotify information, not their own?

Thanks in advance, and thanks for organizing this robust API. It's made my work on this project much simpler. 🙌🏼

Originally created by @brandonmcconnell on GitHub (Jul 12, 2020). Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/198 I'm calling out to my own `request.php` file from my homepage on the same domain (`index.php`), but I get the JS error in my console: `GET https://…/request.php net::ERR_CERT_INVALID (anonymous) @ VM52:1` I expected this to work without error, but when I visit my `request.php` directly in a new incognito window, I am prompted once again to authenticate with Spotify. How can I permanently authenticate myself (more than auth flow) so that anyone visiting `request.php` would see **my** Spotify information, not their own? Thanks in advance, and thanks for organizing this robust API. It's made my work on this project much simpler. 🙌🏼

kerem

2026-02-27 19:26:14 +03:00

closed this issue
added the
question
label

kerem commented

2026-02-27 19:26:15 +03:00

Author

Owner

@jwilsson commented on GitHub (Jul 12, 2020):

Hey!
The first error seems to be caused by an invalid TLS certificate, are you running it over https?

If you want to stay permanently authenticated, you’ll first need to obtain access and refresh tokens for your account and store them somewhere. Then each time someone visits the page you’ll have to check if the access token is still valid and if not, request a new one using the refresh token. And then request the other info you want.

@jwilsson commented on GitHub (Jul 12, 2020): Hey! The first error seems to be caused by an invalid TLS certificate, are you running it over https? If you want to stay permanently authenticated, you’ll first need to obtain access and refresh tokens for your account and store them somewhere. Then each time someone visits the page you’ll have to check if the access token is still valid and if not, request a new one using the refresh token. And then request the other info you want.