Spotify WebAPI authorization - client credentials flow error invalid_client

Question

Straight forward question, hopefully with a straight forward answer. I'm attempting to implement the client credentials flow via Node.js, using request. Here's my code

var request = require('request');
var payload = config.spotify.clientID + ":" + config.spotify.clientSecret;
var encodedPayload = new Buffer(payload).toString("base64");

var opts = {
    url: "https://accounts.spotify.com/api/token",
    method: "POST",
    headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        "Authorization": "Bearer " + encodedPayload
    },
    body: "grant_type=client_credentials&scope=playlist-modify-public playlist-modify-private"
};

request(opts, function (err, res, body) {
    console.log('error', err);
    console.log('status', res.statusCode);
    console.log('body', body);
});

No matter what I do, the response body is always

{"error":"invalid_client"}

I've tried making the request using curl, with the same outcome.

$ curl -X POST -H 'Authorization: Bearer <base64encoded client_id:client_secret>' -d 'grant_type=client_credentials&scope=playlist-modify-public playlist-modify-private' https://accounts.spotify.com/api/token

That would imply that it's a problem with the credentials. I'm definitely using the right clientID and clientSecret for my app, which leads me to believe that it's the encoding that's causing the problem.

Am I doing the encoding right? If so, what else might be the cause?

Answer 1

Replace

"Authorization": "Bearer " + ...

with

"Authorization": "Basic " + ...

and see if it works better.