Spotify OAuth Provider
Descope allows you to create custom Social Login (OAuth) providers within the Authentication Methods page, so you can add any Social OAuth authentication to your application. This guide covers the step-by-step configuration of a custom Spotify OAuth provider.
Creating the Spotify Application
Before creating the custom OAuth provider within the Descope console, you must create and configure an application within your Spotify developer account. You can follow the Spotify App Guide for details on creating your application.
When you create your app within Spotify, you must configure the redirect URI. Set the redirect URI to https://<your-base-url>/v1/oauth/callback. You can find your project's base URL in our Multi-Region Support Guide.
Creating Descope Custom Provider
You can configure a custom provider in the Descope Console. Under Authentication Methods -> Social Login, select + Add custom provider in the top right corner. You can then set the name (in this case, "Spotify"), logo, and description for your custom provider.
Configure Account Settings
Within the account settings section of your provider, you will configure the following items:
Client ID: This is the Client ID of the application created within Spotify.
Client Secret: This is the Client Secret of the application created within Spotify.
Scopes: These are the configured scopes granted to Descope for the user within Spotify. Scopes give Spotify users of third-party apps the confidence that only the information they choose to share will be shared. The minimum Spotify scope needed for Descope to capture the user's email and basic account details from Spotify is user-read-email.
Grant Type: The Authorization Code grant type uses the default configured response method, while Implicit is set to use the Form Post response method with the "id_token" response type only.
Configure Connection Settings
Within the account settings section of your provider, you will configure the following items:
Authorization Endpoint: The endpoint to request authorization from the user. For Spotify, this endpoint is https://accounts.spotify.com/authorize.
Token Endpoint: The endpoint to exchange the authorization code for an access token. For Spotify, this endpoint is https://accounts.spotify.com/api/token.
User Info Endpoint: The endpoint to get user details for attribute mapping. For Spotify, this endpoint is https://api.spotify.com/v1/me.
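The following Python check is an added example, not Descope's own code: it verifies the redirect URI, scopes and endpoints from this guide before you enter them in the console, and shows the standard OAuth 2.0 Authorization Code request those values correspond to. The settings dictionary shape, the function names, and the sample base URL, client ID and secret are assumptions made for illustration.

```python
from urllib.parse import urlsplit, urlencode

# Endpoints, callback path and minimum scope are the values given in this guide.
EXPECTED = {
    "authorization_endpoint": "https://accounts.spotify.com/authorize",
    "token_endpoint": "https://accounts.spotify.com/api/token",
    "user_info_endpoint": "https://api.spotify.com/v1/me",
}
CALLBACK_PATH = "/v1/oauth/callback"
REQUIRED_SCOPE = "user-read-email"


def check_provider(cfg):
    """Return a list of problems in a provider settings dict (hypothetical shape)."""
    problems = []
    for key, want in EXPECTED.items():
        if cfg.get(key) != want:  # exact match catches http://, typos, stray spaces
            problems.append(f"{key}: expected {want}, got {cfg.get(key)!r}")
    uri = urlsplit(cfg.get("redirect_uri", ""))
    if uri.scheme != "https" or not uri.hostname:
        problems.append("redirect_uri: must be an absolute https URL")
    if uri.path != CALLBACK_PATH or uri.query or uri.fragment:
        problems.append(f"redirect_uri: path must be exactly {CALLBACK_PATH}")
    if REQUIRED_SCOPE not in cfg.get("scopes", []):
        problems.append(f"scopes: {REQUIRED_SCOPE} is missing")
    return problems


def authorize_url(cfg, state):
    """Authorization Code request for these settings; state is supplied by the caller."""
    query = urlencode({
        "response_type": "code",
        "client_id": cfg["client_id"],
        "scope": " ".join(cfg["scopes"]),  # scopes are sent space-separated
        "redirect_uri": cfg["redirect_uri"],
        "state": state,
    })
    return f"{cfg['authorization_endpoint']}?{query}"

# Constructed sample values: base URL, client ID and secret are placeholders.
GOOD = dict(EXPECTED, client_id="example-client-id", client_secret="example-secret",
            scopes=["user-read-email", "user-read-private"],
            redirect_uri="https://auth.example.com/v1/oauth/callback")
BAD = dict(GOOD, scopes=["user-read-private"],
           redirect_uri="http://auth.example.com/v1/oauth/callback/")

if __name__ == "__main__":
    print(check_provider(GOOD), check_provider(BAD), sep="\n")
    print(authorize_url(GOOD, "constructed-state-value"))
```

The redirect URI registered in the Spotify app must be identical to the one checked here, including scheme and the absence of a trailing slash.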
Configure User Attribute Mapping
Given the user-read-email and user-read-private scopes, Descope can capture any items from the user info endpoint response. Per the below example, we have mapped email and display name.
For more OAuth provider settings information, check out the OAuth Settings Guide. To add Spotify Social Login to your flow, check out our Social Login In Flows Guide.