Spotify API get currently playing track
After generating the access token. I'm doing a get request but getting a 404: invalid username. I dont know what's causing the issue. Please help.
10 Replies
does getting artist data work?
Yes
skimming the docs, it seems like you have to set up permissions for your API key, did you do that?
Are u referring to the Authorization Flow ?
I went through that just now and I'm kinda confused about the authorization methods they are using. Reading https://community.spotify.com/t5/Spotify-for-Developers/Get-currently-playing-track-API-Getting-a-400-amp-404-error/m-p/5580696#M9210 it seems I've to first go through the Authorization Flow / PKCE to generate an access token. The steps involved there are using a dialog where the user has to accept the auth request. So I was actually wondering if everytime someone opened my webpage do they have to first login to spotify in order to see the "Now Playing" section
no, the user (including you) has to authorize your app to see their data one time, then that authorization is stored permanently
it's the same as that prompt when you log in to some applications using your google or facebook account that tells you "this app will be allowed to see your e-mail and name"
(also, yes, I'm refering to Authorization Code Flow, the "no" was in response to the last question about having to log in to spotify first, that's a one time thing)
Just to be on the same page, so when somebody opens my webpage, in order for them to see the "Now playing" section, do THEY also have to login?
to see your one, or their own?
mine
So basically, I want users who visit my webpage to see the track that I'm currently listening to
right, so that API endpoint shows the currently playing for the user that's run the authorization process. The way the How-to is set up, that's the user of the application. It's set up to ask the user to authorize your app, then fetch the authorization code, which is then used to get the access token. You can probably do the first two steps (authorize and fetch authorization code) manually, then use the one you got to fetch the access token and display your profile without the user having to go through the authorization process themselves
I wouldn't want to do that client-side though, because it means anyone that visits your site has that authorization code and can generate access tokens
it should be limited to the scope you set in the code that fetches the authorization code (the one that only you run), but I'm not comfortable saying that that's good enough to prevent abuse
https://developer.spotify.com/documentation/web-api/howtos/web-app-profile
Quite honestly, I really wanted to have this in my webpage but right now I feel like it's too much work to just display some "not so important" info.