Spotify API Creation

Hey everyone,

I’m in the beginning stages of looking into accessing the Spotify API. Has anyone had success accessing it? How did you do it? Any good tips/references guides? Spotify API docs are interesting to navigate.


Hi @kstacy,

Spotify’s API documentation requires OAuth 2.0 to connect to Parabola. Check out our How To documentation that demonstrates how to connect Spotify using this method.

Start by heading to your Spotify Developer Dashboard to create a new application. Enter an app name, description, and accept the terms of service. Once complete, a Client ID and Client Secret will be generated. We’ll need those when authenticating in Parabola.

Next, click the green Edit Settings button and paste the following URL in the Redirect URIs field:

To connect your Spotify application to Parabola, use the “Pull from an API” step. To get started, head to the Authentication tab, select OAuth 2.0, and follow these step settings:

1. Authorization

  • Enter the following base URL:
  • Swap out Your Client ID for the actual Client ID provided by Spotify.
  • Add response_type as a URL parameter and set the value to code.
  • Enter the same Redirect URI listed above as a URL parameter.

2. Access Token

  • Enter the following base URL:
  • Select POST as the method.
  • Add grant_type as a URL parameter and set the value to refresh_token.
  • Enter the same Redirect URI listed above as a URL parameter,

Next, select Advanced Options to add a custom header.

  • Set the Header Key to Authorization.
  • Set the Header Value to the following: Basic your_client_id:your_client_secret.
  • Swap your_client_id with your actual Client ID.
  • Swap your_client_secret with your actual Client Secret. Keep these values separated by a colon.

You will need to Base64 encode the header value. To do this, copy and paste that value into this website. For example, if your header value is Basic 123:456, the encoded value is QmFzaWMgMTIzOjQ1Ng==.

3. Refresh Token

  • Enter the following base URL:
  • Select POST as the method.
  • Add grant_type as a URL parameter and set the value to refresh_token.
  • Add refresh_token as a URL parameter and keep the value blank.

Finally, select Authorize and a pop-up modal will appear validating your authentication request.

You can now make a request to Spotify. The example below uses their Search API to pull in data about Metallica.

There’s a lot to unpack here, so if you have any additional questions or need help querying a specific resource, let us know. Hope this helps!

Hey @daniel, thanks for the guide! However, I’ve closely replicated each step and keep getting an error once I hit Authorize. I’m not sure what I could be doing wrong.

Here’s a couple things I wasn’t sure about:

  • Where do I use the Base64 encoded value? Do I replace the Basic 1234:5678 value with the Base64 encoded value? It’s not clear what I need to do with it.

  • The screenshot for 2. Access Token shows authorization_code as the value for grant-type. However, the guide says to put refresh_token as its value.

  • The screenshot for 3. Refresh Token shows the Header Key as Authorization and the Header Value as the Basic 1234:5678 value. However, the guide does not say to put anything into these Advanced Options values for step 3.

Hoping to figure this out… thanks again~

Hey @Roger,

Sounds like you’re on the right track! Happy to help finish the swing:

  • Base64 encoded value: To create this value, first type into the Base64 Encoder website your_client_id:your_client_secret. When typing this into the the Base64 encoder, you will not include the word “Basic.” Once the site returns the encoded value, you will head over to the Parabola header and set the value to "Basic encoded value". The quotes are not included in the header, but the word “Basic” is included.

  • Grant_type: As seen in Daniel’s screenshots, in Part 2: Access Token, you will include authorization_code as the grant_type. You are correct in saying that refresh_token is another valid value for grant_type, though we use the value refresh_token in Part 3: Refresh Token.

  • Authorization in Part 3: I also no longer see the required Authorization header when requesting an access token, so feel free to exclude it! It does seems that we have successfully authorized this connection in the past using this header here, so feel free to include it if you run into any issues.

Let us know if you run into any other issues.

Hey @Adam_R! Thanks for the tips. It wasn’t entirely clear that I only needed your_client_id:your_client_secret encoded with Base64, not the word “Basic”.

I was still getting an error after following your tips. However, I figured out the problem:

  • in the first step, 1. Authorization, the guide says to enter the base URL as However, the screenshot shows the URL as, so I used that instead and everything worked!

I know nothing about API’s, but it occurred to me that a URL with authorize in it should probably be used for the 1. Authorization step :wink:

Now for the fun stuff: Spotify playlists.