Spotify OAuth Provider

Descope allows you to create custom Social Login (OAuth) providers within the Authentication Methods page. This allows you to add any Social OAuth authentication within your application. This guide covers the step-by-step configuration of a custom Spotify OAuth provider.

Creating the Spotify Application

Before creating the custom OAuth provider within the Descope console, you must create and configure an application within your Spotify developer account. You can follow the Spotify App Guide for details on creating your application.

When you create your app within Spotify, you must configure the redirect URI. Set the redirect URI to https://<your-base-url>/v1/oauth/callback. You can find your project's base URL in our Multi-Region Support Guide.

Creating Descope Custom Provider

You can configure a custom provider in the Descope Console. Under Authentication Methods -> Social Login, select + Add custom provider in the top right corner. You can then set the name (in this case, "Spotify"), logo, and description for your custom provider.

Create custom provider

Configure Account Settings

Within the account settings section of your provider, you will configure the following items:

  • Client ID: This is the Client ID of the application created within Spotify
  • Client Secret: This is the Client Secret of the application created within Spotify
  • Scopes: These are the configured scopes granted to Descope for the user within Spotify. Scopes give Spotify users of third-party apps confidence that only the information they choose to share will be shared. The minimum Spotify scope Descope needs to capture the user's email and basic account details from Spotify is user-read-email.
  • Grant Type: Authorization Code grant type uses the default configured response method, while implicit is set to use the Form Post response method with "id_token" response type only.

Custom Spotify OAuth provider account settings configured within Descope

Configure Connection Settings

Within the connection settings section of your provider, you will configure the following items:

  • Authorization Endpoint: The endpoint to request authorization from the user. For Spotify, this endpoint is https://accounts.spotify.com/authorize.
  • Token Endpoint: The endpoint to exchange the authorization code for an access token. For Spotify, this endpoint is https://accounts.spotify.com/api/token.
  • User Info Endpoint: The endpoint to get user details for attribute mapping. For Spotify, this endpoint is https://api.spotify.com/v1/me.

Custom Spotify OAuth provider connection settings configured within Descope
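
The following pre-flight check compares the values you are about to enter against the endpoints, scopes and callback path given in this guide. It is an added example, not Descope's own code. The settings dictionary layout, the lint_provider function and the auth.example.com base host are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Endpoint, scope and callback values are the ones given in this guide.
ENDPOINTS = {
    "authorization_endpoint": "https://accounts.spotify.com/authorize",
    "token_endpoint": "https://accounts.spotify.com/api/token",
    "user_info_endpoint": "https://api.spotify.com/v1/me",
}
REQUIRED_SCOPE = "user-read-email"
GUIDE_SCOPES = {"user-read-email", "user-read-private"}
CALLBACK_PATH = "/v1/oauth/callback"


def lint_provider(cfg, base_host):
    """Return findings for a settings dict (hypothetical layout, not a Descope export)."""
    findings = []
    for key, expected in ENDPOINTS.items():
        got, want = urlsplit(cfg.get(key, "").strip()), urlsplit(expected)
        # Compare parsed parts so http:// downgrades and look-alike hosts
        # (userinfo tricks, extra suffixes) do not pass a substring check.
        if got.scheme != "https":
            findings.append(f"{key}: must use https")
        elif (got.netloc.lower(), got.path) != (want.netloc, want.path):
            findings.append(f"{key}: expected {expected}")
        elif got.query or got.fragment:
            findings.append(f"{key}: unexpected query or fragment")
    scopes = set(cfg.get("scopes", []))
    if REQUIRED_SCOPE not in scopes:
        findings.append(f"scopes: {REQUIRED_SCOPE} is required")
    for extra in sorted(scopes - GUIDE_SCOPES):
        findings.append(f"scopes: {extra} is not one of the scopes this guide uses")
    cb = urlsplit(cfg.get("redirect_uri", ""))
    if (cb.scheme, cb.netloc.lower(), cb.path) != ("https", base_host, CALLBACK_PATH):
        findings.append(f"redirect_uri: expected https://{base_host}{CALLBACK_PATH}")
    return findings


# Constructed sample settings; auth.example.com stands in for <your-base-url>.
GOOD = dict(ENDPOINTS, scopes=["user-read-email"],
            redirect_uri="https://auth.example.com/v1/oauth/callback")
BAD = {
    "authorization_endpoint": "https://accounts.spotify.com.example.net/authorize",
    "token_endpoint": "http://accounts.spotify.com/api/token",
    "user_info_endpoint": "https://api.spotify.com/v1/me",
    "scopes": ["user-read-private", "playlist-modify-private"],
    "redirect_uri": "https://auth.example.com/oauth/callback",
}

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, lint_provider(cfg, "auth.example.com") or "ok")
```
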

Configure User Attribute Mapping

Given the user-read-email and user-read-private scopes, Descope can capture any items from the user info endpoint response. In the example below, we have mapped email and display name.

Custom Spotify OAuth provider user attribute mapping configured within Descope

For more OAuth provider settings information, check out the OAuth Settings Guide. To add Spotify Social Login to your flow, check out our Social Login In Flows Guide.
