Update 24 March 2014: We no longer accept new apps for distribution within our Spotify Desktop Player. (You can, of course, still develop Spotify Apps for private use.) Existing Spotify Apps partners may continue to maintain their apps and provide critical updates. For more information, please see our news announcement Closure of Spotify Apps Submissions.

This spring we released a new Spotify Apps API (1.x) that improves how apps work within the Spotify client. This new API is more modern and effective with its asynchronous nature, and it is complemented with a comprehensive views framework with useful widgets for your app.

We also recently upgraded the Spotify desktop client with a better and more secure rendering engine that supports this new API. In the latest Spotify desktop client release (0.9.6) we also introduced the authentication part of the new API which closes the functionality gap to the legacy API.

As the new API now fully replaces the legacy API (0.x), we are now deprecating the legacy API.

As such, we will no longer accept any submissions based on the legacy API . In addition, by the end of March 2014, we will no longer support apps using the legacy API and those apps will no longer work in the Spotify client.

To ensure a smooth transition from the old version of your app, we will need your new submission by first of March 2014. If you have an app using the legacy API *, we encourage you to look at our developer resources to port the app to the new API. Please observe that we have provided a great set of widgets in our Views framework that you can use in the app.

Please send your updated app submission to app-submission@spotify.com

It is important that you make proper versioning of your framework dependencies and declare the right version of the API or views framework in the manifest.

If you are going to use the new authentication API, you need to depend on api version 1.38.0 or later.

To improve security, we are enforcing the CORS headers in server communication from apps using the new API. This means that your servers need to respond with proper “Access-Control-Allow-Origin” headers.We also require apps to list all external servers and their protocols in the “RequiredPermissions” value in the manifest. For security reasons, we also require that communication with servers use HTTPS rather than HTTP as the protocol.

If you need technical support on any of the above, you can post and tag your question on stackoverflow.com.

* Here is how you check if your app is using the new API or not:

If you are having a spotify developer account (If you can see a “Developer” menu choice in the Spotify menu). Then you can start your app and then select “Bundle Manager” from your developer menu, find your app in the list and expand it. Then you can see the dependencies section. It should depend on api 1.0.0 or later if it is using the new API.

Alternatively, f you have access to the app bundle, Look in the “manifest.json” file of your app. If this has a section named “Dependencies” and inside this a selector “api” with a value of 1.0.0 or higher, then you are using the new API. If not, your app is using the legacy API

Example of Manifest Dependencies for an app using the new API:

"Dependencies": {
     "api": "1.0.0",