PHPackages                             kerox/oauth2-spotify - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. kerox/oauth2-spotify

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

kerox/oauth2-spotify
====================

Spotify Oauth 2.0 Client Provider for The PHP League OAuth2-Client

2.0.0(3y ago)922.7k↓38.2%2MITPHPPHP &gt;=8.1

Since Nov 10Pushed 3y ago1 watchersCompare

[ Source](https://github.com/ker0x/oauth2-spotify)[ Packagist](https://packagist.org/packages/kerox/oauth2-spotify)[ Docs](https://github.com/ker0x/oauth2-spotify)[ RSS](/packages/kerox-oauth2-spotify/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (6)Dependencies (3)Versions (7)Used By (0)

 [ ![Build](https://camo.githubusercontent.com/36fc820569be87dd8b4a5dc1211972ea8de8a86273983c66f74da8287c921b3c/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6b657230782f6f61757468322d73706f746966792f63692e796d6c3f6272616e63683d6d61696e267374796c653d666f722d7468652d6261646765) ](https://github.com/ker0x/oauth2-spotify/actions/workflows/ci.yml "Build") [ ![Coverage](https://camo.githubusercontent.com/3704e19d5865e4a8d8e13b269cf9cbd9839c282e21c1e98e9c26fd80dc701ddc/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f67682f6b657230782f6f61757468322d73706f746966793f7374796c653d666f722d7468652d6261646765) ](https://scrutinizer-ci.com/g/ker0x/oauth2-spotify/ "Coverage") [ ![PHP Version](https://camo.githubusercontent.com/03a63ba52b34a79b1d70401a6c6374c6d58aa3a43c106107eee9f575146d0d1b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253345253344253230382e312d3838393242462e7376673f7374796c653d666f722d7468652d6261646765) ](https://php.net "PHP Version") [ ![Downloads](https://camo.githubusercontent.com/a8389d14bc58afbc8fb70285631704a6aec11ddd8c609b501b9dd21371a38d7c/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6b65726f782f6f61757468322d73706f746966792e7376673f7374796c653d666f722d7468652d6261646765) ](https://packagist.org/packages/kerox/oauth2-spotify "Downloads") [ ![Latest Stable Version](https://camo.githubusercontent.com/bc155ec89b3da7d625b43a5401e2071511b703afdaa72b44ee09394e83eb7cf8/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6b65726f782f6f61757468322d73706f746966792e7376673f7374796c653d666f722d7468652d6261646765) ](https://packagist.org/packages/kerox/oauth2-spotify "Latest Stable Version") [ ![License](https://camo.githubusercontent.com/fca9ac7845c6e4c8bc39b0ad643edf8f52925c875d91b7c3bfe29b61e3608e2f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f6b65726f782f6f61757468322d73706f746966792e7376673f7374796c653d666f722d7468652d6261646765) ](https://packagist.org/packages/kerox/oauth2-spotify "License")

Spotify Provider for OAuth 2.0 Client
=====================================

[](#spotify-provider-for-oauth-20-client)

This package provides Spotify OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).

Installation
------------

[](#installation)

You can install this package using Composer:

```
composer require kerox/oauth2-spotify

```

You will then need to:

- run `composer install` to get these dependencies added to your vendor directory
- add the autoloader to your application with this line: `require('vendor/autoload.php');`

Usage
-----

[](#usage)

Usage is the same as The League's OAuth client, using `\Kerox\OAuth2\Client\Provider\Spotify` as the provider.

### Authorization Code Flow

[](#authorization-code-flow)

```
$provider = new Kerox\OAuth2\Client\Provider\Spotify([
    'clientId'     => '{spotify-client-id}',
    'clientSecret' => '{spotify-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
]);

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => [
            Kerox\OAuth2\Client\Provider\SpotifyScope::USER_READ_EMAIL->value,
        ]
    ]);

    $_SESSION['oauth2state'] = $provider->getState();

    header('Location: ' . $authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    echo 'Invalid state.';
    exit;

}

// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
    'code' => $_GET['code']
]);

// Optional: Now you have a token you can look up a users profile data
try {

    // We got an access token, let's now get the user's details
    /** @var \Kerox\OAuth2\Client\Provider\SpotifyResourceOwner $user */
    $user = $provider->getResourceOwner($token);

    // Use these details to create a new profile
    printf('Hello %s!', $user->getDisplayName());

    echo '';
    var_dump($user);
    echo '';

} catch (Exception $e) {

    // Failed to get user details
    exit('Damned...');
}

echo '';
// Use this to interact with an API on the users behalf
var_dump($token->getRefreshToken());
# string(217) "CAADAppfn3msBAI7tZBLWg...

// The time (in epoch time) when an access token will expire
var_dump($token->getExpires());
# int(1436825866)
echo '';
```

### Authorization Scopes

[](#authorization-scopes)

All scopes described in the [official documentation](https://developer.spotify.com/documentation/general/guides/authorization/scopes/) are available through the `\Kerox\OAuth2\Client\Provider\SpotifyScope` enumeration:

- Images
    - UGC\_IMAGE\_UPLOAD
- Spotify Connect
    - USER\_READ\_PLAYBACK\_STATE
    - USER\_MODIFY\_PLAYBACK\_STATE
    - USER\_READ\_CURRENTLY\_PLAYING
- Playback
    - APP\_REMOTE\_CONTROL
    - STREAMING
- Playlists
    - PLAYLIST\_READ\_PRIVATE
    - PLAYLIST\_READ\_COLLABORATIVE
    - PLAYLIST\_MODIFY\_PRIVATE
    - PLAYLIST\_MODIFY\_PUBLIC
- Follow
    - USER\_FOLLOW\_MODIFY
    - USER\_FOLLOW\_READ
- Listening History
    - USER\_READ\_PLAYBACK\_POSITION
    - USER\_TOP\_READ
    - USER\_READ\_RECENTLY\_PLAYED
- Library
    - USER\_LIBRARY\_MODIFY
    - USER\_LIBRARY\_READ
- Users
    - USER\_READ\_PRIVATE
    - USER\_READ\_EMAIL

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](https://github.com/ker0x/oauth2-spotify/blob/master/CONTRIBUTING.md) for details.

Credits
-------

[](#credits)

- [Romain Monteil](https://github.com/ker0x)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](https://github.com/ker0x/oauth2-spotify/blob/master/LICENSE) for more information.

###  Health Score

38

—

LowBetter than 85% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity33

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity74

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~290 days

Recently: every ~360 days

Total

6

Last Release

1292d ago

Major Versions

1.2.0 → 2.0.02022-11-04

PHP version history (3 changes)1.0.0PHP &gt;=7.1.0

1.2.0PHP &gt;=7.3

2.0.0PHP &gt;=8.1

### Community

Maintainers

![](https://www.gravatar.com/avatar/e808fb4134fc131be0a746ace35a1e2a9eef459bda68de780f817d2dab928279?d=identicon)[ker0x](/maintainers/ker0x)

---

Top Contributors

[![ker0x](https://avatars.githubusercontent.com/u/5331654?v=4)](https://github.com/ker0x "ker0x (24 commits)")

---

Tags

oauthoauth2oauth2-providerphpphp-leaguespotifyclientAuthenticationoauthoauth2authorizationspotify

###  Code Quality

TestsPHPUnit

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/kerox-oauth2-spotify/health.svg)

```
[![Health](https://phpackages.com/badges/kerox-oauth2-spotify/health.svg)](https://phpackages.com/packages/kerox-oauth2-spotify)
```

###  Alternatives

[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

42121.2M118](/packages/league-oauth2-google)[cakedc/oauth2-cognito

Cognito OAuth 2.0 Client Provider for The PHP League OAuth2-Client

18597.7k](/packages/cakedc-oauth2-cognito)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)