[GH-ISSUE #828] Breaking change in minor version? #510

New issue

Open

opened 2026-02-27 23:23:01 +03:00 by kerem · 15 comments

kerem commented 2026-02-27 23:23:01 +03:00

Owner

Copy link

Originally created by @SHxKM on GitHub (Jun 11, 2022).
Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/828

Hi,

Super glad to see this maintained after a long halt.

I've noticed after upgrading from 2.4.4. to 2.19.0 that some endpoints like search no longer work when the Spotipy object is initialized with a auth param.

My old code (now returns an error):

credentials = oauth2.SpotifyClientCredentials(
        client_id=SPOTIFY_CLIENT_ID,
        client_secret=SPOTIFY_SECRET_ID,
    )
token = credentials.get_access_token()
spotipy_obj = spotipy.Spotify(auth=token)
artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1)

The new code:

spotipy_obj = spotipy.Spotify(client_credentials_manager=credentials)
artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1)

Meanwhile, user-related endpoints continue to work with token.

Is this expected? I couldn't find anything in the release notes regarding this. Maybe I didn't look hard enough.

Also: am I correct in saying that the cache system is only for the application's access token, not those of the application's users?

Originally created by @SHxKM on GitHub (Jun 11, 2022). Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/828 Hi, Super glad to see this maintained after a long halt. I've noticed after upgrading from `2.4.4.` to `2.19.0` that some endpoints like `search` no longer work when the `Spotipy` object is initialized with a `auth` param. My old code (now returns an error): ```python credentials = oauth2.SpotifyClientCredentials( client_id=SPOTIFY_CLIENT_ID, client_secret=SPOTIFY_SECRET_ID, ) token = credentials.get_access_token() spotipy_obj = spotipy.Spotify(auth=token) artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1) ``` The new code: ```python spotipy_obj = spotipy.Spotify(client_credentials_manager=credentials) artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1) ``` Meanwhile, user-related endpoints continue to work with `token`. Is this expected? I couldn't find anything in the release notes regarding this. Maybe I didn't look hard enough. Also: am I correct in saying that the cache system is only for the application's access token, not those of the application's users?

kerem added the

question

label 2026-02-27 23:23:01 +03:00

kerem commented 2026-02-27 23:23:02 +03:00

Author

Owner

Copy link

@Peter-Schorn commented on GitHub (Jun 13, 2022):

My old code (now returns an error):

credentials = oauth2.SpotifyClientCredentials(
       client_id=SPOTIFY_CLIENT_ID,
       client_secret=SPOTIFY_SECRET_ID,
   )
token = credentials.get_access_token()
spotipy_obj = spotipy.Spotify(auth=token)
artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1)

This will always return an error after an hour when the access token expires. The refresh token has not been saved. Therefore, this pattern is never recommended.

Follow the pattern shown on the README:

Without user authentication

import spotipy
from spotipy.oauth2 import SpotifyClientCredentials

sp = spotipy.Spotify(auth_manager=SpotifyClientCredentials(client_id="YOUR_APP_CLIENT_ID",
                                                           client_secret="YOUR_APP_CLIENT_SECRET"))

results = sp.search(q='weezer', limit=20)
for idx, track in enumerate(results['tracks']['items']):
    print(idx, track['name'])

<!-- gh-comment-id:1153874267 --> @Peter-Schorn commented on GitHub (Jun 13, 2022): >My old code (now returns an error): > >``` >credentials = oauth2.SpotifyClientCredentials( > client_id=SPOTIFY_CLIENT_ID, > client_secret=SPOTIFY_SECRET_ID, > ) >token = credentials.get_access_token() >spotipy_obj = spotipy.Spotify(auth=token) >artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1) >``` This will always return an error after an hour when the access token expires. The refresh token has not been saved. Therefore, this pattern is _never_ recommended. Follow the pattern shown on the [README](https://github.com/plamere/spotipy#without-user-authentication): > # Without user authentication > ``` > import spotipy > from spotipy.oauth2 import SpotifyClientCredentials > > sp = spotipy.Spotify(auth_manager=SpotifyClientCredentials(client_id="YOUR_APP_CLIENT_ID", > client_secret="YOUR_APP_CLIENT_SECRET")) > > results = sp.search(q='weezer', limit=20) > for idx, track in enumerate(results['tracks']['items']): > print(idx, track['name']) > ```

kerem commented 2026-02-27 23:23:02 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 13, 2022):

@Peter-Schorn that code is just a simplified example. I’m not complaining that it’s changed I just want to know if it indeed was. Because it did work with 2.4.4.

<!-- gh-comment-id:1154260588 --> @SHxKM commented on GitHub (Jun 13, 2022): @Peter-Schorn that code is just a simplified example. I’m not complaining that it’s changed I just want to know if it indeed was. Because it did work with 2.4.4.

kerem commented 2026-02-27 23:23:02 +03:00

Author

Owner

Copy link

@Peter-Schorn commented on GitHub (Jun 13, 2022):

Your code is flawed for any version as already described.

<!-- gh-comment-id:1154261679 --> @Peter-Schorn commented on GitHub (Jun 13, 2022): Your code is flawed for any version as already described.

kerem commented 2026-02-27 23:23:02 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 13, 2022):

Your code is flawed for any version as already described.

You can repeat yourself being condescending all you want. The question remains: a code that works (even for a split second) in 2.4.4 doesn’t work at all in 2.19.0, is this breaking change intended? If you are uninterested in answering that, don’t.

I didn’t ask for a code review. I asked if something broke between versions.

<!-- gh-comment-id:1154263577 --> @SHxKM commented on GitHub (Jun 13, 2022): > Your code is flawed for any version as already described. You can repeat yourself being condescending all you want. The question remains: a code that works (even for a split second) in 2.4.4 doesn’t work at all in 2.19.0, is this breaking change intended? If you are uninterested in answering that, don’t. I didn’t ask for a code review. I asked if something broke between versions.

kerem commented 2026-02-27 23:23:02 +03:00

Author

Owner

Copy link

@Peter-Schorn commented on GitHub (Jun 13, 2022):

Don't know.

<!-- gh-comment-id:1154270591 --> @Peter-Schorn commented on GitHub (Jun 13, 2022): Don't know.

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@stephanebruckert commented on GitHub (Jun 13, 2022):

It should probably still work and looks like a bug. It's really weird that it works for a user endpoint but not for a non-user endpoint.

Can you please share the error with stack trace and any warning spotipy might be raising?

<!-- gh-comment-id:1154363226 --> @stephanebruckert commented on GitHub (Jun 13, 2022): It should probably still work and looks like a bug. It's really weird that it works for a user endpoint but not for a non-user endpoint. Can you please share the error with stack trace and any warning spotipy might be raising?

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 15, 2022):

Hi @stephanebruckert, thank you. With 2.19.0 here's the exception of type spotipy.client.SpotifyException:

http status: 400, code:-1 - https://api.spotify.com/v1/search?q=Roped+Off+Problem+%26+Boogie+artist%3AThe+Game&limit=50&offset=0&type=track&market=us:
 Only valid bearer authentication supported, reason: None

As I said, with 2.4.4 this works fine.

<!-- gh-comment-id:1156621630 --> @SHxKM commented on GitHub (Jun 15, 2022): Hi @stephanebruckert, thank you. With `2.19.0` here's the exception of type `spotipy.client.SpotifyException`: ``` http status: 400, code:-1 - https://api.spotify.com/v1/search?q=Roped+Off+Problem+%26+Boogie+artist%3AThe+Game&limit=50&offset=0&type=track&market=us: Only valid bearer authentication supported, reason: None ``` As I said, with `2.4.4` this works fine.

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@stephanebruckert commented on GitHub (Jun 15, 2022):

@SHxKM in your "old" code can you try to replace

token = credentials.get_access_token()

with

token = credentials.get_access_token(as_dict=False)

and let me know if it helps?

<!-- gh-comment-id:1156628899 --> @stephanebruckert commented on GitHub (Jun 15, 2022): @SHxKM in your "old" code can you try to replace token = credentials.get_access_token() with token = credentials.get_access_token(as_dict=False) and let me know if it helps?

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 15, 2022):

@SHxKM in your "old" code can you try to replace

token = credentials.get_access_token()

with

token = credentials.get_access_token(as_dict=False)

and let me know if it helps?

Yes, as_dict=False solves the issue. Can you elaborate on this please?

<!-- gh-comment-id:1156633199 --> @SHxKM commented on GitHub (Jun 15, 2022): > @SHxKM in your "old" code can you try to replace > > ``` > token = credentials.get_access_token() > ``` > > with > > ``` > token = credentials.get_access_token(as_dict=False) > ``` > > and let me know if it helps? Yes, `as_dict=False` solves the issue. Can you elaborate on this please?

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@stephanebruckert commented on GitHub (Jun 15, 2022):

Since 2.4.4, was added a new parameter as_dict.

github.com/plamere/spotipy@06551cd055/spotipy/oauth2.py (L213)

Looks like it should be False by default instead of True for things to remain backward-compatible

<!-- gh-comment-id:1156641256 --> @stephanebruckert commented on GitHub (Jun 15, 2022): Since 2.4.4, was added a new parameter `as_dict`. https://github.com/plamere/spotipy/blob/06551cd0553d6e030f3f4ee7da5fac12c424bac7/spotipy/oauth2.py#L213 Looks like it should be False by default instead of True for things to remain backward-compatible

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 15, 2022):

Since 2.4.4, was added a new parameter as_dict.

github.com/plamere/spotipy@06551cd055/spotipy/oauth2.py (L213)

Looks like it should be False by default instead of True for things to remain backward-compatible

Thank you for taking the time to look into this. I guess for now if I don't find additional issues I'll just do:

spotipy_obj = spotipy.Spotify(client_credentials_manager=credentials)
artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1)

By the way, is the spotipy.Spotify object designed to a be a singleton? Because in some parts of my code I repetitively initialize it en-masse, and I'm wondering if that's what's leading to high memory usage.

<!-- gh-comment-id:1156644982 --> @SHxKM commented on GitHub (Jun 15, 2022): > Since 2.4.4, was added a new parameter `as_dict`. > > https://github.com/plamere/spotipy/blob/06551cd0553d6e030f3f4ee7da5fac12c424bac7/spotipy/oauth2.py#L213 > > Looks like it should be False by default instead of True for things to remain backward-compatible Thank you for taking the time to look into this. I guess for now if I don't find additional issues I'll just do: ``` spotipy_obj = spotipy.Spotify(client_credentials_manager=credentials) artist_on_spotify = spotipy_obj.search(q="X", type="artist", limit=1) ``` By the way, is the `spotipy.Spotify` object designed to a be a singleton? Because in some parts of my code I repetitively initialize it en-masse, and I'm wondering if that's what's leading to high memory usage.

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@stephanebruckert commented on GitHub (Jun 15, 2022):

By the way, is the spotipy.Spotify object designed to a be a singleton?

It looks like it is, I would try to initialise it once and pass it where you need. Particularly since the tokens auto-refresh in newer versions!

<!-- gh-comment-id:1156650129 --> @stephanebruckert commented on GitHub (Jun 15, 2022): > By the way, is the spotipy.Spotify object designed to a be a singleton? It looks like it is, I would try to initialise it once and pass it where you need. Particularly since the tokens auto-refresh in newer versions!

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 15, 2022):

By the way, is the spotipy.Spotify object designed to a be a singleton?

It looks like it is, I would try to initialise it once and pass it where you need. Particularly since the tokens auto-refresh in newer versions!

Got it. I wonder if that'll mess things up when I'm authenticating both on the app-level and the-user level. But that's for another issue. Thanks a lot @stephanebruckert!

<!-- gh-comment-id:1156944142 --> @SHxKM commented on GitHub (Jun 15, 2022): > > By the way, is the spotipy.Spotify object designed to a be a singleton? > > It looks like it is, I would try to initialise it once and pass it where you need. Particularly since the tokens auto-refresh in newer versions! Got it. I wonder if that'll mess things up when I'm authenticating both on the app-level and the-user level. But that's for another issue. Thanks a lot @stephanebruckert!

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@SHxKM commented on GitHub (Jun 16, 2022):

@stephanebruckert one thing we didn't discuss is why it didn't affect user-level endpoints? (those that require user authorization) Do you know the answer?

<!-- gh-comment-id:1157807164 --> @SHxKM commented on GitHub (Jun 16, 2022): @stephanebruckert one thing we didn't discuss is why it didn't affect user-level endpoints? (those that require user authorization) Do you know the answer?

kerem commented 2026-02-27 23:23:03 +03:00

Author

Owner

Copy link

@Peter-Schorn commented on GitHub (Jun 16, 2022):

Got it. I wonder if that'll mess things up when I'm authenticating both on the app-level and the-user level. But that's for another issue.

Spotify is not a singleton, but you should generally only be using one instance of it in your program, especially if you've only authenticated with one user. Do not authenticate separately for different endpoints. That's a waste of your time.

<!-- gh-comment-id:1158090309 --> @Peter-Schorn commented on GitHub (Jun 16, 2022): > Got it. I wonder if that'll mess things up when I'm authenticating both on the app-level and the-user level. But that's for another issue. `Spotify` is not a singleton, but you should generally only be using *one* instance of it in your program, especially if you've only authenticated with one user. Do not authenticate separately for different endpoints. That's a waste of your time.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

feature/2026-02-changes

feature/invalid-uri-warning

feature/refresh-endpoints

doc-deprecations

revert-synchronize

v3

run-tests

bugfix/1149-change-cache-name

2.23.0

v3_oldprsonly

2.26.0

2.25.2

2.25.1

2.25.0

2.24.0

2.23.0

2.22.1

2.22.0

2.21.0

2.20.0

2.19.0

2.18.0

2.17.1

2.17.0

2.16.1

2.16.0

2.15.0

2.14.0

2.13.0

2.12.0

2.11.2

2.11.1

2.11.0

2.10.0

2.9.0

2.8.0

2.7.1

2.7.0

2.6.3

2.6.2

2.6.1

2.6.0

2.5.0

Labels

Clear labels   

api-bug

  

bug

  

dependencies

  

documentation

  

duplicate

  

enhancement

  

external-ide

  

headless-mode

  

implicit-grant-flow

  

invalid

  

missing-endpoint

  

pr-welcome

  

private-api

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

spotipy3

  

wontfix

No labels

api-bug

bug

dependencies

documentation

duplicate

enhancement

external-ide

headless-mode

implicit-grant-flow

invalid

missing-endpoint

pr-welcome

private-api

pull-request

question

spotipy3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/spotipy#510

No description provided.