Spotify API Authorization gives me different refresh token each time

1
votes

I follow the steps in the Spotify Web Api Tutorial using the authorization-code from the Spotify Accounts Authentication Examples. Everything is okey, I register an application with Spotify, authenticate a user and get authorization to access user data and when the page show me the user data the refresh token is different each time I authenticate myself. I think refresh token shuld not change.

The only modification I did in the example code was replace the client id, client secret and the redirect uri with the correct values from my application.

Any advices?

1
javaapispotify
Does this answer your question? Why Does OAuth v2 Have Both Access and Refresh Tokens?Nikolai Shevchenko
@NikolaiShevchenko Thanks for the reference. That's what I said, the refresh token should be the same, but every time I ask Spotify for a refresh token with the same account it gives me a new refresh token. I'm doing something wrong I know...Juan Antonio Miralles

1 Answers

0
votes

For the Authorisation Code Flow you just need to do that initial authentication you're already doing. It will always return a new refresh token however that token can be used over an over with 4. Requesting a refreshed access token; Spotify returns a new access token to your app from Authorisation Guide that will return you a new access token for subsequent calls and you won't need to do the Authentication Step you're doing multiple times just keep doing that one.