Client Credentials Authorization in C#
Getting Started
For this writeup, I'm going to use the Spotify API. Spotify API supports different authorization flows. In this writeup, I will be using the client credentials authorization flow. Generally this works for server-to-server authentication. Because this does not allow users the ability to provide their own credentials, there is no access to endpoints that contain user data.
Create a new .NET Core Console Application
dotnet new console -o authtest
Add Dependencies
dotnet add package Newtonsoft.Json --version 10.0.3
Access Token Model
When a request is made, it needs to be parsed. To better capture the data into a Plain Old CLR Object (POCO), a model can be created.
using System;
namespace authtest
{
class AccessToken
{
public string access_token { get; set; }
public string token_type { get; set; }
public long expires_in { get; set; }
}
}
Request Token
In order to extract our token, an HTTP Request needs to be made to the Spotify API in order to get an access token. To do so, we can leverage the HTTPClient
functionalities.
private static async Task<string> GetToken()
{
string clientId = "YOUR CLIENT ID";
string clientSecret = "YOUR CLIENT SECRET";
string credentials = String.Format("{0}:{1}",clientId,clientSecret);
using(var client = new HttpClient())
{
//Define Headers
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",Convert.ToBase64String(Encoding.UTF8.GetBytes(credentials)));
//Prepare Request Body
List<KeyValuePair<string,string>> requestData = new List<KeyValuePair<string,string>>();
requestData.Add(new KeyValuePair<string,string>("grant_type","client_credentials"));
FormUrlEncodedContent requestBody = new FormUrlEncodedContent(requestData);
//Request Token
var request = await client.PostAsync("https://accounts.spotify.com/api/token",requestBody);
var response = await request.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<AccessToken>(response);
}
}
We can then use this function in our main method to request the token.
static void Main(string[] args)
{
Console.WriteLine("Spotify API");
AccessToken token = GetToken().Result;
Console.WriteLine(String.Format("Access Token: {0}",token.access_token));
}
This should produce the following output
Spotify API
Getting Token
Access Token: "YOUR ACCESS TOKEN"
The token can now be used to make requests to the Spotify API.
Source Code can be found here Source Code