localhost string not allowed in Spotify redirect URI's as of April 9th, 2025 #224
Description
From the Spotify developers page (link), the use of URI's containing "localhost" is no longer permitted.
Currently the function spotifyr::get_spotify_authorization_code() uses httr::oauth_callback() to construct the redirect URI, which is http://localhost:1410/ by default. Thus, based on the recent changes by Spotify the authentication for new apps fails.
To fix this, I hard-coded the redirect URI to http://127.0.0.1:1410/ when constructing the oauth app and it works now.
app <- oauth_app("spotifyr", client_id, client_secret, redirect_uri = "http://127.0.0.1:1410/")
I'm not sure what the best way to handle this issue would be, but leaving this here for other users of the package in case they get stuck authenticating their app.
Temporary Solution
After loading the spotifyr package, run the following code in the R console to redefine the function get_spotify_authorization_code().
get_spotify_authorization_code <- function (client_id = Sys.getenv("SPOTIFY_CLIENT_ID"), client_secret = Sys.getenv("SPOTIFY_CLIENT_SECRET"),
scope = scopes())
{
endpoint <- oauth_endpoint(authorize = "https://accounts.spotify.com/authorize",
access = "https://accounts.spotify.com/api/token")
app <- oauth_app("spotifyr", client_id, client_secret, redirect_uri = "http://127.0.0.1:1410/")
token <- (purrr::safely(.f = oauth2.0_token))(endpoint = endpoint,
app = app, scope = scope)
if (!is.null(token$error)) {
token$error
}
else {
token$result
}
}
Once you've run the code, double checked your Spotify app redirect URI is listed exactly as http://127.0.0.1:1410/, and your client_id/client_secret environment variables match your Spotify app, run the redefined function in the R console and follow the steps on the screen to authenticate your app.
get_spotify_authorization_code()
Note: when you restart R, spotifyr::get_spotify_authorization_code will revert back to the original function definition found in the package.