spotipy-dev / spotipy

A light weight Python library for the Spotify Web API
http://spotipy.readthedocs.org
MIT License

User Authorization in Cloud Functions #1031

Closed Basti110 closed 4 months ago

Basti110 commented 1 year ago

Hey,

Is it somehow possible to authorize a cloud function to add new songs to my private playlist, at any time without user interaction? I cannot use browser login with redirection URLs in the cloud or at least I do not know how to use them there. Is there a direct way to log into my Spotify account via the API? The client credentials flow works in the cloud, but I can't use it to access my account. It always says "This request requires user authentication".

Thank you! Sebastian

deanja commented 11 months ago

I'm trying to get my head around this too.

First I can confirm that Spotify user data can't be accessed with Client Credentials flow. Instead I used the Authorization Code flow - https://developer.spotify.com/documentation/web-api/tutorials/code-flow.

For your cloud function solution it might work like this:

  1. Interact manually* with Spotify browser authentication page and the redirect_uri to complete steps 1 and 2 in the Authorization Code flow, at which point you'll have an access token and a refresh token, which can be used unattended, but will expire.
  2. Make the refresh token persistently available to your cloud function - via environment variable, AWS DynamoDB, etc.
  3. Trigger your cloud function to add songs to your playlist as normal. If it runs less frequently than once an hour, it can use the refresh token to get a new access token on each run. If multiple times in an hour it might cache the access token between runs and only use the refresh token once per hour.

That OAuth2 refresh token should be valid at least until redeemed for an access token, and possibly indefinitely until the user revokes access by your app in Spotify.

You could write a web app or similar to do step 1, to guide the user through the Spotify authentication and save the tokens where your cloud function can access them.
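Steps 2 and 3 of the comment above, sketched as an added example that is not part of the thread and not spotipy's own code: it redeems a stored refresh token at Spotify's token endpoint only when the cached access token is about to expire, and persists a replacement refresh token if one is returned. `TokenStore`, `http_post` and `get_access_token` are hypothetical names, and the store is in-memory only as a stand-in for a secret manager or database.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://accounts.spotify.com/api/token"

def http_post(url, form, headers):
    """Default transport: form-encoded POST that returns the parsed JSON body."""
    body = urllib.parse.urlencode(form).encode()
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenStore:
    """Hypothetical in-memory store. In a cloud function, back load()/save()
    with a secret manager or an encrypted table, not with source code or logs."""
    def __init__(self, refresh_token):
        self._tok = {"refresh_token": refresh_token, "access_token": None, "expires_at": 0.0}
    def load(self):
        return dict(self._tok)
    def save(self, tok):
        self._tok = dict(tok)

def get_access_token(store, client_id, client_secret,
                     post=http_post, now=time.time, skew=60):
    """Return a valid access token, redeeming the refresh token only when needed."""
    tok = store.load()
    # Reuse the cached access token unless it expires within `skew` seconds.
    if tok["access_token"] and tok["expires_at"] - skew > now():
        return tok["access_token"]
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    resp = post(TOKEN_URL,
                {"grant_type": "refresh_token", "refresh_token": tok["refresh_token"]},
                {"Authorization": f"Basic {basic}",
                 "Content-Type": "application/x-www-form-urlencoded"})
    tok["access_token"] = resp["access_token"]
    tok["expires_at"] = now() + resp["expires_in"]
    # The response may or may not carry a new refresh token; keep the old one
    # unless a replacement is issued, and persist whichever is current.
    tok["refresh_token"] = resp.get("refresh_token", tok["refresh_token"])
    store.save(tok)
    return tok["access_token"]
```

The returned token goes in the `Authorization: Bearer` header of Web API requests; the `post` and `now` parameters exist so the refresh logic can be exercised without network access.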

Nico-VC commented 5 months ago

Yes. The key is running the authorization code flow once to get the .cache file for that user and have that accessible to read every time your function runs.

See https://stackoverflow.com/questions/48883731/refresh-token-spotipy

dieser-niko commented 5 months ago

@Basti110 is your issue resolved or do you still need help and/or other solutions to your problem?

dieser-niko commented 4 months ago

Closing as there is no activity or reply from the author.