[GH-ISSUE #194] Authorization documentation changes #99

New issue

Closed

opened 2026-02-27 23:20:49 +03:00 by kerem · 8 comments

kerem commented 2026-02-27 23:20:49 +03:00

Owner

Copy link

Originally created by @kotutuloro on GitHub (May 30, 2017).
Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/194

It seems like Spotify has changed the authorization requirements for the API's endpoints.

All endpoints now require authorization, so things like searching and fetching tracks need an access token. The Spotipy docs has an example of a Non-Authorized request, but those no longer work.

Originally created by @kotutuloro on GitHub (May 30, 2017). Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/194 It seems like Spotify has changed the authorization requirements for the [API's endpoints](https://developer.spotify.com/web-api/endpoint-reference/). All endpoints now require authorization, so things like searching and fetching tracks need an access token. The Spotipy docs has an example of a Non-Authorized request, but those no longer work.

kerem 2026-02-27 23:20:49 +03:00

• closed this issue
• added the
  documentation
  label

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@woutor commented on GitHub (May 31, 2017):

I succeeded searching for items using the Client Credentials Flow

<!-- gh-comment-id:305176114 --> @woutor commented on GitHub (May 31, 2017): I succeeded searching for items using the [Client Credentials Flow](http://spotipy.readthedocs.io/en/latest/#client-credentials-flow)

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@kotutuloro commented on GitHub (Jun 16, 2017):

Yup! I think Spotipy's docs should be changed to reflect that.

<!-- gh-comment-id:309140893 --> @kotutuloro commented on GitHub (Jun 16, 2017): Yup! I think Spotipy's docs should be changed to reflect that.

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@fhopp commented on GitHub (Jul 14, 2017):

If you want the examples to work with updated authorisations, here's what you need to do:

1.) Get a CLIENT ID and CLIENT SECRET (https://developer.spotify.com/web-api/tutorial/)
2.) According to the Client Credentials Flow, modify the example scripts in the following manner:

Line 3: from spotipy.oauth2 import SpotifyClientCredentials
Line 4: client_credentials_manager = SpotifyClientCredentials(client_id='YOUR ID', client_secret='YOUR SECRET ID')

At the end of a script, modify the sp = spotipy.Spotify() to
sp = spotipy.Spotify(client_credentials_manager=client_credentials_manager)

Then it /should/ work.

<!-- gh-comment-id:315458391 --> @fhopp commented on GitHub (Jul 14, 2017): If you want the examples to work with updated authorisations, here's what you need to do: 1.) Get a CLIENT ID and CLIENT SECRET (https://developer.spotify.com/web-api/tutorial/) 2.) According to the Client Credentials Flow, modify the example scripts in the following manner: Line 3: from spotipy.oauth2 import SpotifyClientCredentials Line 4: client_credentials_manager = SpotifyClientCredentials(client_id='YOUR ID', client_secret='YOUR SECRET ID') At the end of a script, modify the sp = spotipy.Spotify() to sp = spotipy.Spotify(client_credentials_manager=client_credentials_manager) Then it /should/ work.

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@ritiek commented on GitHub (Jul 22, 2017):

First of all create an app on https://beta.developer.spotify.com/dashboard/ and note down your Client ID, Client Secret and Redirect URI.

---

To authorize your API calls without going through the headache of verifying the redirect URL. Just make use of the oauth2 method:

import spotipy
import spotipy.oauth2 as oauth2

credentials = oauth2.SpotifyClientCredentials(
        client_id=client_id,
        client_secret=client_secret)

token = credentials.get_access_token()
spotify = spotipy.Spotify(auth=token)

Note that this method does not need any scope/redirect url and will only allow access to publicly available information.

---

To gain access to user's personal information, you need to use the old school util method (requires verifying of redirect URL):

import spotipy
import spotipy.util as util

token = util.prompt_for_user_token(
        username=your_username,
        scope=scope,
        client_id=client_id,
        client_secret=client_secret,
        redirect_uri=redirect_uri)

spotify = spotipy.Spotify(auth=token)

Learn more about using scopes from the official docs.

<!-- gh-comment-id:317192954 --> @ritiek commented on GitHub (Jul 22, 2017): First of all create an app on https://beta.developer.spotify.com/dashboard/ and note down your *Client ID*, *Client Secret* and *Redirect URI*. --- To authorize your API calls without going through the headache of verifying the redirect URL. Just make use of the `oauth2` method: ```python import spotipy import spotipy.oauth2 as oauth2 credentials = oauth2.SpotifyClientCredentials( client_id=client_id, client_secret=client_secret) token = credentials.get_access_token() spotify = spotipy.Spotify(auth=token) ``` Note that this method does not need any scope/redirect url and will only allow access to publicly available information. --- To gain access to user's personal information, you need to use the old school `util` method (requires verifying of redirect URL): ```python import spotipy import spotipy.util as util token = util.prompt_for_user_token( username=your_username, scope=scope, client_id=client_id, client_secret=client_secret, redirect_uri=redirect_uri) spotify = spotipy.Spotify(auth=token) ``` Learn more about using scopes from the [official docs](https://developer.spotify.com/web-api/using-scopes).

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@JessicaMartini212887 commented on GitHub (Mar 22, 2018):

Thank you very much

<!-- gh-comment-id:375389842 --> @JessicaMartini212887 commented on GitHub (Mar 22, 2018): Thank you very much

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@JeanPaiva42 commented on GitHub (Mar 8, 2019):

First of all create an app on https://beta.developer.spotify.com/dashboard/ and note down your Client ID, Client Secret and Redirect URI.

To authorize your API calls without going through the headache of verifying the redirect URL. Just make use of the oauth2 method:

import spotipy
import spotipy.oauth2 as oauth2

credentials = oauth2.SpotifyClientCredentials(
        client_id=client_id,
        client_secret=client_secret)

token = credentials.get_access_token()
spotify = spotipy.Spotify(auth=token)

Note that this method does not need any scope/redirect url and will only allow access to publicly available information.

To gain access to user's personal information, you need to use the old school util method (requires verifying of redirect URL):

import spotipy
import spotipy.util as util

token = util.prompt_for_user_token(
        username=your_username,
        scope=scope,
        client_id=client_id,
        client_secret=client_secret,
        redirect_uri=redirect_uri)

spotify = spotipy.Spotify(auth=token)

Learn more about using scopes from the official docs.

Damn, I'm late to the party but is there a way I can get the user private info without pasting the URL? I'm trying to buiild an app but this is killing me, lol.

<!-- gh-comment-id:470798966 --> @JeanPaiva42 commented on GitHub (Mar 8, 2019): > First of all create an app on https://beta.developer.spotify.com/dashboard/ and note down your _Client ID_, _Client Secret_ and _Redirect URI_. > > To authorize your API calls without going through the headache of verifying the redirect URL. Just make use of the `oauth2` method: > > ```python > import spotipy > import spotipy.oauth2 as oauth2 > > credentials = oauth2.SpotifyClientCredentials( > client_id=client_id, > client_secret=client_secret) > > token = credentials.get_access_token() > spotify = spotipy.Spotify(auth=token) > ``` > > Note that this method does not need any scope/redirect url and will only allow access to publicly available information. > > To gain access to user's personal information, you need to use the old school `util` method (requires verifying of redirect URL): > > ```python > import spotipy > import spotipy.util as util > > token = util.prompt_for_user_token( > username=your_username, > scope=scope, > client_id=client_id, > client_secret=client_secret, > redirect_uri=redirect_uri) > > spotify = spotipy.Spotify(auth=token) > ``` > > Learn more about using scopes from the [official docs](https://developer.spotify.com/web-api/using-scopes). Damn, I'm late to the party but is there a way I can get the user private info without pasting the URL? I'm trying to buiild an app but this is killing me, lol.

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@n-ivanov commented on GitHub (Apr 27, 2019):

Damn, I'm late to the party but is there a way I can get the user private info without pasting the URL? I'm trying to buiild an app but this is killing me, lol.

@JeanPaiva42 There's a PR (#243) that handles this by using a local http server to listen to the redirect and get the access code. I took a similar approach in my application to handle this issue before noticing the PR and it works very well.

<!-- gh-comment-id:487308844 --> @n-ivanov commented on GitHub (Apr 27, 2019): > Damn, I'm late to the party but is there a way I can get the user private info without pasting the URL? I'm trying to buiild an app but this is killing me, lol. @JeanPaiva42 There's a PR (#243) that handles this by using a local http server to listen to the redirect and get the access code. I took a similar approach in my application to handle this issue before noticing the PR and it works very well.

kerem commented 2026-02-27 23:20:50 +03:00

Author

Owner

Copy link

@aced125 commented on GitHub (Jun 9, 2019):

If you want the examples to work with updated authorisations, here's what you need to do:

1.) Get a CLIENT ID and CLIENT SECRET (https://developer.spotify.com/web-api/tutorial/)
2.) According to the Client Credentials Flow, modify the example scripts in the following manner:

Line 3: from spotipy.oauth2 import SpotifyClientCredentials
Line 4: client_credentials_manager = SpotifyClientCredentials(client_id='YOUR ID', client_secret='YOUR SECRET ID')

At the end of a script, modify the sp = spotipy.Spotify() to
sp = spotipy.Spotify(client_credentials_manager=client_credentials_manager)

Then it /should/ work.

Thank you very much, this worked for me.

<!-- gh-comment-id:500235603 --> @aced125 commented on GitHub (Jun 9, 2019): > If you want the examples to work with updated authorisations, here's what you need to do: > > 1.) Get a CLIENT ID and CLIENT SECRET (https://developer.spotify.com/web-api/tutorial/) > 2.) According to the Client Credentials Flow, modify the example scripts in the following manner: > > Line 3: from spotipy.oauth2 import SpotifyClientCredentials > Line 4: client_credentials_manager = SpotifyClientCredentials(client_id='YOUR ID', client_secret='YOUR SECRET ID') > > At the end of a script, modify the sp = spotipy.Spotify() to > sp = spotipy.Spotify(client_credentials_manager=client_credentials_manager) > > Then it /should/ work. Thank you very much, this worked for me.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

feature/2026-02-changes

feature/invalid-uri-warning

feature/refresh-endpoints

doc-deprecations

revert-synchronize

v3

run-tests

bugfix/1149-change-cache-name

2.23.0

v3_oldprsonly

2.26.0

2.25.2

2.25.1

2.25.0

2.24.0

2.23.0

2.22.1

2.22.0

2.21.0

2.20.0

2.19.0

2.18.0

2.17.1

2.17.0

2.16.1

2.16.0

2.15.0

2.14.0

2.13.0

2.12.0

2.11.2

2.11.1

2.11.0

2.10.0

2.9.0

2.8.0

2.7.1

2.7.0

2.6.3

2.6.2

2.6.1

2.6.0

2.5.0

Labels

Clear labels   

api-bug

  

bug

  

dependencies

  

documentation

  

duplicate

  

enhancement

  

external-ide

  

headless-mode

  

implicit-grant-flow

  

invalid

  

missing-endpoint

  

pr-welcome

  

private-api

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

spotipy3

  

wontfix

No labels

api-bug

bug

dependencies

documentation

duplicate

enhancement

external-ide

headless-mode

implicit-grant-flow

invalid

missing-endpoint

pr-welcome

private-api

pull-request

question

spotipy3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/spotipy#99

No description provided.