Spotify
If you don't already have a spotify app, create it here.
Open your app, go to settings and add a redirect uri, e.g. com.myapp:/oauth
.
Note: iOS redirect on Spotify only works with one /
.s
const config = {
clientId: '<client_id>', // available on the app page
clientSecret: '<client_secret>', // click "show client secret" to see this
redirectUrl: 'com.myapp:/oauth', // the redirect you defined after creating the app
scopes: ['user-read-email', 'playlist-modify-public', 'user-read-private'], // the scopes you need to access
serviceConfiguration: {
authorizationEndpoint: 'https://accounts.spotify.com/authorize',
tokenEndpoint: 'https://accounts.spotify.com/api/token',
},
};
const authState = await authorize(config);
Managing Client Secrets
In order to avoid storing the clientSecret
in the client, Spotify has published a token exchange package that can be used to move this step to the backend:
https://github.com/bih/spotify-token-swap-service
The tokenEndpoint should then point to whereever you are hosting this server, and be sure to remove the secret from your app:
const config = {
clientId: '<client_id>', // available on the app page
redirectUrl: 'com.myapp:/oauth', // the redirect you defined after creating the app
scopes: ['user-read-email', 'playlist-modify-public', 'user-read-private'], // the scopes you need to access
serviceConfiguration: {
authorizationEndpoint: 'https://accounts.spotify.com/authorize',
tokenEndpoint: 'https://my-token-service/api/token',
},
};
const authState = await authorize(config);