DEV Community

Cover image for How to get a Spotify Refresh Token
Ahmed Mohamed
Ahmed Mohamed

Posted on

How to get a Spotify Refresh Token

In this blog, I'll show you how to generate the Spotify Refresh Token and then use that to programmatically create an access token when needed.

I needed the Spotify Refresh Token to display the currently playing track in the footer section.

The Approach


Step 1: Generate your Spotify client_id and client_secret

  • Go to Spotify developers dashboard.

  • Then select or create your app.

  • Note down your Client ID and Client Secret in a convenient location to use in Step 3.

Step 2: Create URI for access code

  • In the URL below, replace $CLIENT_ID, $SCOPE, and $REDIRECT_URI with the information you noted in Step 1. Make sure the $REDIRECT_URI is URL encoded.
  https://accounts.spotify.com/authorize?response_type=code&client_id=$CLIENT_ID&scope=$SCOPE&redirect_uri=$REDIRECT_URI
Enter fullscreen mode Exit fullscreen mode
  • This is how mine looked like.
  https://accounts.spotify.com/authorize?response_type=code&client_id=CLIENT_ID&scope=SCOPE&redirect_uri=https%3A%2F%2Fahmedrelated.com%2Fcallback
Enter fullscreen mode Exit fullscreen mode

Step 3: Get access code from the redirect URI

  • You will be redirected to your redirect URI which in my case was set to https://ahmedrelated.com/callback.

  • In the address bar you will find a huge URL string similar to the one below. In place of $ACCESSCODE there will be a long string of characters. Note down that string for the next step.

  https://ahmedrelated.com/callback?code=$ACCESSCODE
Enter fullscreen mode Exit fullscreen mode

Step 4: Get the refresh token

  • Type the following CURL command in your terminal and replaces all the variables with the information you noted in Step 1 and Step 3 : $CILENT_ID, $CLIENT_SECRET, $CODE, and $REDIRECT_URI.
  curl -d client_id=$CLIENT_ID -d client_secret=$CLIENT_SECRET -d grant_type=authorization_code -d code=$CODE -d redirect_uri=$REDIRECT_URI https://accounts.spotify.com/api/token
Enter fullscreen mode Exit fullscreen mode
  • The resulting JSON string will look something like this. Note down the refresh_token. This token will last for a very long time and can be used to generate a fresh access_token whenever it is needed.
  {
    "access_token": "ACCESS_TOKEN",
    "token_type": "Bearer",
    "expires_in": 3600,
    "refresh_token": "REFRESH_TOKEN",
    "scope": "playlist-modify-private"
  }
Enter fullscreen mode Exit fullscreen mode

Top comments (0)