The Client Credentials Flow is used for server-to-server authentication, but authorization does not grant permission to access user resources. For example, the Implicit Grant Flow can be implemented entirely client-side (no server), but it does not provide a refresh token. Spotify's Authorization Flows #Īccording to Spotify's Authorization Guide, there are four possible flows for obtaining app authorization:Īuthorization Code Flow With Proof Key for Code Exchange (PKCE)Įach of these flows provides a slightly different level of authorization due to the way it is granted. Now that we have a high-level understanding of what OAuth is for and how it works, let's take a closer look at how OAuth works with the Spotify API.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |