<linkrel="alternate"type="application/rss+xml"href="/SpotifyAPI-NET/news/rss.xml"title="SpotifyAPI-NET Blog RSS Feed">
<linkrel="alternate"type="application/atom+xml"href="/SpotifyAPI-NET/news/atom.xml"title="SpotifyAPI-NET Blog Atom Feed"><titledata-react-helmet="true">Authorization Code | SpotifyAPI-NET</title><metadata-react-helmet="true"property="og:url"content="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/5.1.1/auth/authorization_code"><metadata-react-helmet="true"name="docusaurus_locale"content="en"><metadata-react-helmet="true"name="docusaurus_version"content="5.1.1"><metadata-react-helmet="true"name="docusaurus_tag"content="docs-default-5.1.1"><metadata-react-helmet="true"property="og:title"content="Authorization Code | SpotifyAPI-NET"><metadata-react-helmet="true"name="description"content="This way is not recommended for client-side apps and requires server-side code to run securely."><metadata-react-helmet="true"property="og:description"content="This way is not recommended for client-side apps and requires server-side code to run securely."><linkdata-react-helmet="true"rel="shortcut icon"href="/SpotifyAPI-NET/img/favicon.ico"><linkdata-react-helmet="true"rel="canonical"href="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/5.1.1/auth/authorization_code"><linkdata-react-helmet="true"rel="alternate"href="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/5.1.1/auth/authorization_code"hreflang="en"><linkdata-react-helmet="true"rel="alternate"href="https://johnnycrazy.github.io/SpotifyAPI-NET/docs/5.1.1/auth/authorization_code"hreflang="x-default"><linkrel="stylesheet"href="/SpotifyAPI-NET/assets/css/styles.fa980c59.css">
With this approach, you first get a code which you need to trade against the access-token.
In this exchange you need to provide your Client-Secret and because of that it's not recommended.
A good thing about this method: You can always refresh your token, without having the user to auth it again.</p><p>More info: <ahref="https://developer.spotify.com/documentation/general/guides/authorization-guide/#authorization-code-flow"target="_blank"rel="noopener noreferrer">here</a></p><divclass="codeBlockContainer_K1bP"><divclass="codeBlockContent_hGly csharp"><divtabindex="0"class="prism-code language-csharp codeBlock_23N8 thin-scrollbar"><divclass="codeBlockLines_39YC"style="color:#bfc7d5;background-color:#292d3e"><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">static async void Main(string[] args)</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">{</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> AuthorizationCodeAuth auth = new AuthorizationCodeAuth(</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> _clientId,</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> _secretId,</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">"http://localhost:4002",</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">"http://localhost:4002",</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> Scope.PlaylistReadPrivate | Scope.PlaylistReadCollaborative</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> );</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"style="display:inline-block">
</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> auth.AuthReceived += async (sender, payload) =></span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> {</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> auth.Stop();</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> Token token = await auth.ExchangeCode(payload.Code);</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> SpotifyWebAPI api = new SpotifyWebAPI()</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> {</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> TokenType = token.TokenType,</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> AccessToken = token.AccessToken</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> };</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> // Do requests with API client</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> };</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> auth.Start(); // Starts an internal HTTP Server</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"> auth.OpenBrowser();</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">}</span></div></div></div><buttontype="button"aria-label="Copy code to clipboard"class="copyButton_Ue-o">Copy</button></div></div><h2><aaria-hidden="true"tabindex="-1"class="anchor enhancedAnchor_2LWZ"id="token-refresh"></a>Token Refresh<aclass="hash-link"href="#token-refresh"title="Direct link to heading">#</a></h2><p>Once the <code>AccessToken</code> is expired, you can use your <code>RefreshToken</code> to get a new one.
In this procedure, no HTTP Server is needed in the background and a single HTTP Request is made.</p><divclass="codeBlockContainer_K1bP"><divclass="codeBlockContent_hGly csharp"><divtabindex="0"class="prism-code language-csharp codeBlock_23N8 thin-scrollbar"><divclass="codeBlockLines_39YC"style="color:#bfc7d5;background-color:#292d3e"><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain">// Auth code from above</span></div><divclass="token-line"style="color:#bfc7d5"><spanclass="token plain"style="display:inline-block">