When your application seeks authorization to access user-related data, you will often need to specify one or more scopes. Here’s how.

Some calls to the Spotify Web API require prior authorization by your application’s user. To get that authorization, your application will first need to make a call to the Spotify Accounts Service’s /authorize endpoint, passing along a list of the scopes for which access permission is sought.

Scopes let you specify exactly what types of data your application wants to access, and the set of scopes you pass in your call determines what access permissions the user is asked to grant.

Example

The following code makes a request asking for scopes ‘user-read-private’ and ‘user-read-email':

app.get('/login', function(req, res) {
var scopes = 'user-read-private user-read-email';
res.redirect('https://accounts.spotify.com/authorize' + 
  '?response_type=code' +
  '&client_id=' + my_client_id +
  (scopes ? '&scope=' + encodeURIComponent(scopes) : '') +
  '&redirect_uri=' + encodeURIComponent(redirect_uri));
});

On execution, the user is redirected to a page explaining the information that is requested:

scopes-permissions-dialog

Determining the scopes needed

Check an endpoint’s documentation to see if it does require prior authorization: usually, authorization is only required for user-related data. For more about authorization see our Authorization Guide.

List of scopes

Here is a list of the available scopes:

Scope
Access permissions sought
Prompt shown to user
-If no scope is specified, access is permitted only to publicly available information: that is, only information normally visible to normal logged-in users of the Spotify desktop, web, and mobile clients (e.g. public playlists)."Read your publicly available information"
playlist-read-privateRead access to user's private playlists."Access your private playlists"
playlist-read-collaborativeInclude collaborative playlists when requesting a user's playlists."Access your collaborative playlists"
playlist-modify-publicWrite access to a user's public playlists."Manage your public playlists"
playlist-modify-privateWrite access to a user's private playlists."Manage your private playlists"
streamingControl playback of a Spotify track. This scope is currently only available to Spotify native SDKs (for example, the iOS SDK and the Android SDK). The user must have a Spotify Premium account."Play music and control playback on your other devices"
user-follow-modifyWrite/delete access to the list of artists and other users that the user follows."Manage who you are following"
user-follow-readRead access to the list of artists and other users that the user follows."Access your followers and who you are following"
user-library-readRead access to a user's "Your Music" library. (NOTE: Although 'Albums' is included in these permissions, the relevant endpoint is not yet available)"Access your saved tracks and albums"
user-library-modifyWrite/delete access to a user's "Your Music" library. (NOTE: Although 'Albums' is included in these permissions, the relevant endpoint is not yet available)"Manage your saved tracks and albums"
user-read-privateRead access to user’s subscription details (type of user account)."Access your subscription details"
user-read-birthdateRead access to the user's birthdate."Receive your birthdate"
user-read-emailRead access to user’s email address."Get your real email address"