<titledata-react-helmet="true">Authorization Code | SpotifyAPI-NET</title><metadata-react-helmet="true"name="docsearch:version"content="next"><metadata-react-helmet="true"name="twitter:card"content="summary_large_image"><metadata-react-helmet="true"property="og:title"content="Authorization Code | SpotifyAPI-NET"><metadata-react-helmet="true"name="description"content="This flow is suitable for long-running applications in which the user grants permission only once. It provides an access token that can be refreshed. Since the token exchange involves sending your secret key, perform this on a secure location, like a backend service, and not from a client such as a browser or from a mobile app."><metadata-react-helmet="true"property="og:description"content="This flow is suitable for long-running applications in which the user grants permission only once. It provides an access token that can be refreshed. Since the token exchange involves sending your secret key, perform this on a secure location, like a backend service, and not from a client such as a browser or from a mobile app."><metadata-react-helmet="true"property="og:url"content="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/next/authorization_code"><linkdata-react-helmet="true"rel="shortcut icon"href="/SpotifyAPI-NET/img/favicon.ico"><linkdata-react-helmet="true"rel="canonical"href="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/next/authorization_code"><linkrel="stylesheet"href="/SpotifyAPI-NET/styles.8a053330.css">
</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> var spotify = new SpotifyClient(response.AccessToken);</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> // Also important for later: response.RefreshToken</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">}</span></div></div></div></div></div><p>If the token expires at some point (check via <code>response.IsExpired</code>), you can refresh it:</p><divclass="mdxCodeBlock_iHAB"><divclass="codeBlockContent_32p_"><buttontype="button"aria-label="Copy code to clipboard"class="copyButton_1BYj">Copy</button><divtabindex="0"class="prism-code language-csharp codeBlock_19pQ"><divclass="codeBlockLines_2n9r"style="color:#bfc7d5;background-color:#292d3e"><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">var newResponse = await new OAuthClient().RequestToken(</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> new AuthorizationCodeRefreshRequest("ClientId", "ClientSecret", response.RefreshToken)</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">);</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"style="display:inline-block">
</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">var spotify = new SpotifyClient(newResponse.AccessToken);</span></div></div></div></div></div><p>You can also let the <code>AuthorizationCodeAuthenticator</code> take care of the refresh part:</p><divclass="mdxCodeBlock_iHAB"><divclass="codeBlockContent_32p_"><buttontype="button"aria-label="Copy code to clipboard"class="copyButton_1BYj">Copy</button><divtabindex="0"class="prism-code language-csharp codeBlock_19pQ"><divclass="codeBlockLines_2n9r"style="color:#bfc7d5;background-color:#292d3e"><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">var response = await new OAuthClient().RequestToken(</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> new AuthorizationCodeTokenRequest("ClientId", "ClientSecret", code, "http://localhost:5000")</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">);</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">var config = SpotifyClientConfig</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> .CreateDefault()</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> .WithAuthenticator(new AuthorizationCodeAuthenticator("ClientId", "ClientSecret", response));</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"style="display:inline-block">
</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">var spotify = new SpotifyClient(config);</span></div></div></div></div></div><p>For a real example, have a look at <ahref="https://github.com/JohnnyCrazy/SpotifyAPI-NET/tree/master/SpotifyAPI.Web.Examples/Example.ASP">Example.ASP</a>. This also uses the great package <code>AspNet.Security.OAuth.Spotify</code> which takes care of the OAuth flow inside of <code>ASP.NET</code>.</p><h2><aaria-hidden="true"tabindex="-1"class="anchor enhancedAnchor_ZqCz"id="using-spotifywebauth"></a>Using Spotify.Web.Auth<aaria-hidden="true"tabindex="-1"class="hash-link"href="#using-spotifywebauth"title="Direct link to heading">#</a></h2><p>For cross-platform CLI and desktop apps (non <code>UWP</code> apps), <code>Spotify.Web.Auth</code> can be used to supply a small embedded Web Server for the code retrieval.</p><divclass="admonition admonition-warning alert alert--danger"><divclass="admonition-heading"><h5><spanclass="admonition-icon"><svgxmlns="http://www.w3.org/2000/svg"width="12"height="16"viewBox="0 0 12 16"><pathfill-rule="evenodd"d="M5.05.31c.81 2.17.41 3.38-.52 4.31C3.55 5.67 1.98 6.45.9 7.98c-1.45 2.05-1.7 6.53 3.53 7.7-2.2-1.16-2.67-4.52-.3-6.61-.61 2.03.53 3.33 1.94 2.86 1.39-.47 2.3.53 2.27 1.67-.02.78-.31 1.44-1.13 1.81 3.42-.59 4.78-3.42 4.78-5.56 0-2.84-2.53-3.22-1.25-5.61-1.52.13-2.03 1.13-1.89 2.75.09 1.08-1.02 1.8-1.86 1.33-.67-.41-.66-1.19-.06-1.78C8.18 5.31 8.68 2.45 5.05.32L5.03.3l.02.01z"></path></svg></span>warning</h5></div><divclass="admonition-content"><p>Your client secret will be exposed when embedded in a desktop/CLI app. This can be abused and is not prefered. If possible, let the user create an application in the Spotify dashboard or let a server handle the Spotify communication.</p></div></div><divclass="mdxCodeBlock_iHAB"><divclass="codeBlockContent_32p_"><buttontype="button"aria-label="Copy code to clipboard"class="copyButton_1BYj">Copy</button><divtabindex="0"class="prism-code language-csharp codeBlock_19pQ"><divclass="codeBlockLines_2n9r"style="color:#bfc7d5;background-color:#292d3e"><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">private static EmbedIOAuthServer _server;</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"style="display:inline-block">