
Error "Only valid bearer authentication supported" when requesting access token from Spotify

I'm trying to get an OAuth access token from Spotify (Step 4 in their Guide).

I believe I am sending all required parameters as described in their docs, but Spotify responds with:

"error": {
    "status": 400,
    "message": "Only valid bearer authentication supported"
}

This is my request in node.js:

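/**
 * Exchange an OAuth authorization code for an access token.
 *
 * This is the request from the question, kept as it was sent: it targets
 * api.spotify.com, puts the grant parameters in the URL query string and
 * sends no request body. The question reports that this request is answered
 * with 400 "Only valid bearer authentication supported".
 *
 * Relies on `config`, `querystring`, `https` and `REDIRECT_URI` from the
 * surrounding module.
 *
 * @param {string} code - Authorization code to exchange.
 */
function getToken(code){
    // HTTP Basic credentials: base64("clientId:clientSecret").
    // Buffer.from() replaces the deprecated `new Buffer(...)` constructor.
    const idAndSecret = config.clientId + ':' + config.clientSecret;
    const authString = 'Basic ' + Buffer.from(idAndSecret).toString('base64');
    const data = querystring.stringify({
        grant_type: "authorization_code",
        code: code,
        redirect_uri: REDIRECT_URI
    });
    const tokenReq = https.request({
        hostname: 'api.spotify.com',
        // NOTE(review): the authorization code travels in the URL here, where
        // proxies and access logs can record it; token-endpoint parameters
        // normally belong in the form-encoded POST body.
        path: '/api/token?' + data,
        method: 'POST',
        headers: {
            'Authorization': authString
        }
    }, function(res){
        // Decode as a UTF-8 stream so a multi-byte character split across
        // two chunks is not mangled.
        res.setEncoding('utf8');
        res.on('data', function(chunk){
            console.log(chunk);
        });
        console.log(res.statusCode, JSON.stringify(res.headers));
    });

    // Without an 'error' listener a DNS/TLS/socket failure is thrown as an
    // unhandled 'error' event and takes the process down.
    tokenReq.on('error', function(err){
        console.error('token request failed:', err.message);
    });

    tokenReq.end();
}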

I already checked my clientId, clientSecret, auth-code and redirectUri.

This is the Response Header:

{
    "server":"nginx",
    "date":"Sat, 02 Jan 2016 23:58:58 GMT",
    "content-type":"application/json",
    "content-length":"99",
    "connection":"close",
    "www-authenticate":"Bearer realm=\\"spotify\\",
    error=\\"invalid_request\\", 
    error_description=\\"Only valid bearer authentication supported\\"",
    "access-control-allow-origin":"*",
    "access-control-allow-methods":"GET, POST, OPTIONS, PUT, DELETE",
    "access-control-allow-credentials":"true",
    "access-control-max-age":"604800",
    "access-control-allow-headers":"Accept, Authorization, Origin, Content-Type"
}


Answers (1)


The endpoint was wrong: the token request has to go to accounts.spotify.com, not api.spotify.com.

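After that change I got a status 500, which I also fixed. In the version below the parameters are sent in the request body, with Content-Type and Content-Length headers: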

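/**
 * Exchange an OAuth authorization code for an access token at
 * accounts.spotify.com.
 *
 * The client authenticates with HTTP Basic (client id and secret) and sends
 * the grant parameters form-encoded in the POST body. The status, headers
 * and body of the response are written to the console; nothing is returned.
 *
 * Relies on `config`, `querystring`, `https` and `REDIRECT_URI` from the
 * surrounding module.
 *
 * @param {string} code - Authorization code to exchange.
 */
function getToken(code){
    // HTTP Basic credentials: base64("clientId:clientSecret").
    // Buffer.from() replaces the deprecated `new Buffer(...)` constructor.
    const idAndSecret = config.clientId + ':' + config.clientSecret;
    const authString = 'Basic ' + Buffer.from(idAndSecret).toString('base64');
    const data = querystring.stringify({
        grant_type: "authorization_code",
        code: code,
        redirect_uri: REDIRECT_URI
    });
    const tokenReq = https.request({
        hostname: 'accounts.spotify.com',
        path: '/api/token',
        method: 'POST',
        headers: {
            'Authorization': authString,
            'Content-Type': 'application/x-www-form-urlencoded',
            // Byte length, not string length: the body may contain
            // multi-byte characters.
            'Content-Length': Buffer.byteLength(data)
        }
    }, function(res){
        // Decode as a UTF-8 stream so a multi-byte character split across
        // two chunks is not mangled.
        res.setEncoding('utf8');
        res.on('data', function(chunk){
            // NOTE(review): on success this body carries the issued tokens.
            // Fine for local debugging; keep it out of shared or persistent
            // logs.
            console.log(chunk);
        });
        console.log(res.statusCode, JSON.stringify(res.headers));
    });

    // Without an 'error' listener a DNS/TLS/socket failure is thrown as an
    // unhandled 'error' event and takes the process down.
    tokenReq.on('error', function(err){
        console.error('token request failed:', err.message);
    });

    // The grant parameters (including the authorization code) go in the
    // body, so they stay out of the request URL.
    tokenReq.end(data);
}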
