Skip to main content

Auth Token

npm Codecov


This package provides a simple and lightweight implementation of Spotify's Authorization Code Flow according to the Spotify docs. You authenticate with a Spotify application and get back a refresh token that can be used to access Spotify data in long-running applications. If you're not yet familiar with Spotify's authorization process, check out this quick summary or read the official docs.

Usually, a refresh token only needs to be generated once. Such a token only expires when the client secret of your Spotify application is reset and otherwise lives forever.

This helper was mainly developed to simplify my Spotify history scrobbler.

CLI Usage

Create your custom command using the query builder below and paste it into your terminal.

With NPX

npx @spotifly/cli@latest auth --port 3000 --scopes "user-read-email" --file-name spotify-token

With CLI

spotifly auth --port 3000 --scopes "user-read-email" --file-name spotify-token

Flags and Commands

Usage: spotifly auth [command?] <...flags>

help Print this help message

Required flags
--client-id [string] The client id of your Spotify application
--client-secret [string] The client secret of your Spotify application

Optional flags
-f, --file-name [string] Custom name for the output JSON file
--no-emit [boolean] When set to true, does not save the token to the file system
-o, --out-dir [string] Custom relative output directory
-p, --port [number] Port for the localhost redirect URL
-s, --scopes [string] Spotify authorization scopes. Multiple scopes need to be separated by a space
-h, --help Print this help message

Programmatic Usage


npm install -D @spotifly/auth-token


  • ES Modules
import { authorize } from '@spotifly/auth-token';

const token = await authorize({
clientId: 'clientId',
clientSecret: 'clientSecret',
port: 3000,
scopes: 'user-read-email user-top-read',
  • TypeScript
import { authorize, Options } from '@spotifly/auth-token';

const options: Options = {
clientId: 's',
clientSecret: 's',
noEmit: true,

const token = await authorize(options);