Spotipy -- accessing tracks from a public playlist without authentication

Question

I want to search through public playlists and get the tracks. So far I have code which can get the names of the playlists but not the tracks:

import spotipy
import sys
sp = spotipy.Spotify()

if len(sys.argv) > 1:
    artist_name = ' '.join(sys.argv[1:])
    results = sp.search(q=artist_name, limit=20, type='playlist')
    for i, t in enumerate(results['playlists']['items']):
        print(i,' ', t['name'])

This will print a list of the first 20 public playlists names given the search condition. What I want is to also print the tracks in each playlist! I thought this would be simple, but after searching it seems like the only way is to via authentication, which I do not want. These tracks are public, so why would I need to authenticate to list the tracks?! There are two reasons I think this. 1) if I add (in the loop):

print t['tracks']

the request response says "This request requires authentication". Additionally, I found this example on the spotipy documentation which is exactly what I want, but only for authenticated users. https://github.com/plamere/spotipy/blob/dd021c4087981b583ef0f2b276cd43bbc6fd429f/examples/user_playlists_contents.py So, is there any way to view the tracks without authenticating as the owner of that playlist? Opening the desktop Spotify app can quickly show anyone that public playlist tracks are completely searchable and viewable so it must be possible. I apologize if this is an extremely specific question -- but I'm not sure where else to ask seeing as this is my first time with this API or with an API like this at all. I have done quite a bit of research on this topic and now have resigned to asking for help.

You need to be authenticated, since you need to be a Spotify Premium member to use their API — heinst, Jul 07 '16 at 17:06
In the above code I've posted (which just prints the names of playlists given a search term) there is NO authentication involved. I'm talking about the authentication where you give a user ID and return the redirect URL. I believe, from reading the link I posted above, you have to authenticate as the *owner of that playlist* in order to read the tracks of that playlist in the way they did it. — skex, Jul 07 '16 at 17:08
Why are you asking _us_ about why Spotify requires authentication on their API? Are you just ranting? — Two-Bit Alchemist, Jul 07 '16 at 17:09
I'm not, we must have a misunderstanding. Some of their API requires no authentication (such as searching and the like) and some does (such as accessing PRIVATE playlists or modifying your personal library -- which makes sense). I'm asking HOW to read the PUBLIC tracks from a public playlist without authenticating as that user, because it must be possible. If you read my post you'll see I have successfully searched public playlists, I just don't know how to access the tracks without authentication. — skex, Jul 07 '16 at 17:12
I haven't found anything that says explicitly this function must be authenticated, just all the examples seem to only be accessing ones own playlist tracks rather than public playlist tracks. I haven't found an example that is trying to achieve what I'm saying. If it's in the public search space, and I can access the titles of these playlists why couldn't I access the tracks? They are public, and searchable within any Spotify application. It just seems logical that it's possible, and I was hoping maybe someone with experience with the API had insight. — skex, Jul 07 '16 at 17:16
https://github.com/plamere/spotipy/blob/dd021c4087981b583ef0f2b276cd43bbc6fd429f/examples/user_playlists_contents.py#L1 Literally the first line on the example for Spotipy (which I assume was made by the creator of the spotipy library, so they must know the API in and out) say you need to be authenticated for it to work.... — heinst, Jul 07 '16 at 17:17
@heinst I did see that, I just thought maybe that was for inclusion of private playlists as well, seeing as that's the only cause playlist information wouldn't be public information. If this simply isn't possible I understand, but I was just hoping to get confirmation from someone who is familiar with the APl. It doesn't make any sense to me that it wouldn't be public via the API considering it's already public. — skex, Jul 07 '16 at 17:19
There is a way to get a token for public content: https://stackoverflow.com/a/76322294/10570318 — BeatEngine, May 24 '23 at 12:26

score 4 · Accepted Answer · edited Oct 07 '21 at 08:46

This is a typical OAuth confusion. There are potentially three parties involved here.

Your application (that tiny little python snippet above)
Spotify Web API
A Spotify user

If your app wanted to find and delete a Spotify user's playlists that begin with X, the Spotify Web API would demand that your app first nicely ask the user for permission to do that. Feels natural...

In this scenario, your app Playlist X Deleter first has to authenticate to prove that it actually is Playlist X Deleter. The user then needs to authenticate with Spotify to prove that it actually is the user the Playlist X Deleter wanted to delete playlists for. Then, the user who we now know who it is needs to authorize Playlist X Deleter that we now know who it is to delete playlists.

So, you have an app that authenticates and a user who authenticates.

For information that is public, there is no obvious reason why a user needs to authenticate. There is also no obvious reason why an app needs to authenticate. However, Spotify has decided that the app must authenticate to get public playlist information. Maybe so it can disable bad users who spiders too much playlist data or otherwise abuse the api.

In this case, since there are no private playlists involved, and only read rights, no user needs to authorize anything. In the OAuth world, this is called client credentials flow https://www.rfc-editor.org/rfc/rfc6749#section-4.4

Go to the developer console and create an application to get a client_id and client_secret:

https://developer.spotify.com/my-applications/#!/applications/create

Then follow:

https://developer.spotify.com/web-api/authorization-guide/#client_credentials_flow

or in your case, supply the client_id and client_secret to spotipy through the SpotifyClientCredentials

doc: http://spotipy.readthedocs.io/en/latest/#spotipy.oauth2.SpotifyClientCredentials

example snippet (that doesn't fill in anything though): https://github.com/plamere/spotipy/blob/master/examples/client_credentials_flow.py