[GH-ISSUE #274] How to set scopes when using Client Credentials method #200

New issue

Closed

opened 2026-02-27 19:26:34 +03:00 by kerem · 2 comments

kerem commented

2026-02-27 19:26:34 +03:00

Owner

Originally created by @beratgashii on GitHub (Mar 17, 2024).
Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/274

Hi @jwilsson,

I am trying to create a simple script to return only $api->getMyCurrentTrack(); by using client credentials but without scopes it returns always HTTP ERROR 500 I checked the docs but i was unable to find a way to make this work?

Thanks,
B

Originally created by @beratgashii on GitHub (Mar 17, 2024). Original GitHub issue: https://github.com/jwilsson/spotify-web-api-php/issues/274 Hi @jwilsson, I am trying to create a simple script to return only $api->getMyCurrentTrack(); by using client credentials but without scopes it returns always HTTP ERROR 500 I checked the docs but i was unable to find a way to make this work? Thanks, B

kerem

2026-02-27 19:26:34 +03:00

closed this issue
added the
question
label

kerem commented

2026-02-27 19:26:35 +03:00

Author

Owner

@beratgashii commented on GitHub (Mar 17, 2024):

I am trying to do everything on the same file and the same request, is this okay!

require 'vendor/autoload.php';

use SpotifyWebAPI\Session;
use SpotifyWebAPI\SpotifyWebAPI;

// Function to request a new access token and fetch track data
function fetchTrackData() {
    $session = new Session(
    	'', // CLIENT_ID
    	'', // CLIENT_SECRET
    );
    $session->requestCredentialsToken();
    $accessToken = $session->getAccessToken();

	$options = [
		'scope' => [
			'user-read-email',
			'user-read-currently-playing',
			'user-read-playback-state',
		],
	];

    // Create SpotifyWebAPI instance and set access token
    $api = new SpotifyWebAPI();
    $api->setAccessToken($accessToken);

    return $api->me();
}

// Fetch track data
echo '<pre>';
print_r(fetchTrackData());
echo '</pre>';

@beratgashii commented on GitHub (Mar 17, 2024): I am trying to do everything on the same file and the same request, is this okay! ``` require 'vendor/autoload.php'; use SpotifyWebAPI\Session; use SpotifyWebAPI\SpotifyWebAPI; // Function to request a new access token and fetch track data function fetchTrackData() { $session = new Session( '', // CLIENT_ID '', // CLIENT_SECRET ); $session->requestCredentialsToken(); $accessToken = $session->getAccessToken(); $options = [ 'scope' => [ 'user-read-email', 'user-read-currently-playing', 'user-read-playback-state', ], ]; // Create SpotifyWebAPI instance and set access token $api = new SpotifyWebAPI(); $api->setAccessToken($accessToken); return $api->me(); } // Fetch track data echo '<pre>'; print_r(fetchTrackData()); echo '</pre>'; ```

kerem commented

2026-02-27 19:26:35 +03:00

Author

Owner

@jwilsson commented on GitHub (Mar 17, 2024):

Hey!
If you want to use scopes and access user information you need to use the Authorization Code or Proof Key for Code Exchange (PKCE) (PKCE is the recommended one for new applications) flows. The Client Credentials flow can only be used to fetch information about songs, artists, and so on.

Hope this clears things up!

@jwilsson commented on GitHub (Mar 17, 2024): Hey! If you want to use scopes and access user information you need to use the [Authorization Code](https://github.com/jwilsson/spotify-web-api-php/blob/786666ffb00f3e1ba499771e28cba8b62974c7dd/docs/examples/access-token-with-authorization-code-flow.md) or [Proof Key for Code Exchange (PKCE)](https://github.com/jwilsson/spotify-web-api-php/blob/786666ffb00f3e1ba499771e28cba8b62974c7dd/docs/examples/access-token-with-pkce-flow.md) (PKCE is the recommended one for new applications) flows. The Client Credentials flow can only be used to fetch information about songs, artists, and so on. Hope this clears things up!