Login with Spotify

To enable Spotify Auth for your project, you need to set up a Spotify OAuth application and add the application credentials to your Supabase Dashboard.

Overview#

Setting up Spotify logins for your application consists of 3 parts:

Access your Spotify Developer account#

Spotify Developer Portal.

Find your callback URL#

The next step requires a callback URL, which looks like this:

https://<project-ref>.supabase.co/auth/v1/callback

  • Go to your Supabase Project Dashboard.
  • Click on the Settings icon at the bottom of the left sidebar.
  • Click on API in the list.
  • Under Config / URL you'll find your API URL, you can click Copy to copy it to the clipboard.
  • Now just add /auth/v1/callback to the end of that to get your full OAuth Redirect URI.

Create a Spotify OAuth app#

  • Log into Spotify.
  • Go to the Spotify Developer Dashboard
  • Click Create an App
  • Type your App name
  • Type your App description
  • Check the box to agree with the Developer TOS and Branding Guidelines
  • Click Create
  • Save your Client ID
  • Save your Client Secret
  • Click Edit Settings

Under Redirect URIs:

  • Paste your Supabase Callback URL in the box
  • Click Add
  • Click Save at the bottom

Enter your Spotify credentials into your Supabase Project#

  • Go to your Supabase Project Dashboard.
  • In the left sidebar, click the Authentication icon (near the top).
  • Click Settings from the list to go to the Authentication Settings page.
  • Enter the final (hosted) URL of your app under Site URL (this is important).
  • Under External OAuth Providers turn Spotify Enabled to ON.
  • Enter your Client ID (client_id) and Client Secret (client_secret) saved in the previous step.
  • Click Save.

Add login code to your client app#

When your user signs in, call signInWithOAuth() with spotify as the provider:

1async function signInWithSpotify() {
2  const { data, error } = await supabase.auth.signInWithOAuth({
3    provider: 'spotify',
4  })
5}

When your user signs out, call signOut() to remove them from the browser session and any objects from localStorage:

1async function signout() {
2  const { error } = await supabase.auth.signOut()
3}

Resources#