[GH-ISSUE #252] Auto-Refreshing access token. #182

New issue

Closed

opened 2026-02-27 19:26:29 +03:00 by kerem · 2 comments

kerem commented

2026-02-27 19:26:29 +03:00

Owner

Originally created by @scoder21 on GitHub (Jul 20, 2022).
Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/252

Hey @jwilsson!

I have some questions about the auto-refreshing access token system.

When using it, does it replace the "callback.php" file or is that a different one?
The flow I'm talking about:
https://github.com/jwilsson/spotify-web-api-php/blob/main/docs/examples/access-token-with-authorization-code-flow.md
When using it, do you need to keep track of the time or redirect the user manually or is it really all done "automatically"?

I hope to hear from you soon.

Kind Regards

Originally created by @scoder21 on GitHub (Jul 20, 2022). Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/252 Hey @jwilsson! I have some questions about the auto-refreshing access token system. 1. When using it, does it replace the "callback.php" file or is that a different one? The flow I'm talking about: _https://github.com/jwilsson/spotify-web-api-php/blob/main/docs/examples/access-token-with-authorization-code-flow.md_ 2. When using it, do you need to keep track of the time or redirect the user manually or is it really all done "automatically"? I hope to hear from you soon. Kind Regards

kerem

2026-02-27 19:26:29 +03:00

closed this issue
added the
question
label

kerem commented

2026-02-27 19:26:29 +03:00

Author

Owner

@jwilsson commented on GitHub (Jul 21, 2022):

Hey!
You still need callback.php for the initial access token request. But afterwards the user won't be redirected anymore, the refresh token returned from Spotify will be used to automatically request new access tokens in the background when the previous access token has expired. You will need to keep track of the refresh token so it can be used to request a new access token. And be sure to grab the refresh token from your Session instance after each call since it might have requested new tokens and given you a new one (the docs linked below has some examples).

There's some more docs specifically on refreshing access tokens, but do let me know if you have any other questions.

@jwilsson commented on GitHub (Jul 21, 2022): Hey! You still need `callback.php` for the initial access token request. But afterwards the user won't be redirected anymore, the refresh token returned from Spotify will be used to automatically request new access tokens in the background when the previous access token has expired. You will need to keep track of the refresh token so it can be used to request a new access token. And be sure to grab the refresh token from your `Session` instance after each call since it might have requested new tokens and given you a new one (the docs linked below has some examples). There's some more docs specifically on [refreshing access tokens](https://github.com/jwilsson/spotify-web-api-php/blob/0d6dc349669c3cf50cf39fe3c226ca438eec0489/docs/examples/refreshing-access-tokens.md), but do let me know if you have any other questions.

kerem commented

2026-02-27 19:26:29 +03:00

Author

Owner

@scoder21 commented on GitHub (Jul 21, 2022):

Okay, if I have other questions, I will get back to you.
Thanks for the quick response!

@scoder21 commented on GitHub (Jul 21, 2022): Okay, if I have other questions, I will get back to you. Thanks for the quick response!