I’m working on a Spotify app that needs to authenticate users through Twitter’s OAuth system. The problem I’m running into is that Twitter doesn’t seem to accept the sp:// protocol for callback URLs.
What’s the proper way to handle Twitter OAuth callbacks when building a Spotify application? Do I need to use a different callback URL format or is there a workaround for this issue?
Twitter’s OAuth implementation strictly requires HTTP or HTTPS callback URLs, so custom protocol schemes like sp:// won’t work. I encountered this same issue when integrating social auth into desktop applications. The standard approach is to set up a web endpoint as your Twitter callback URL, then have that endpoint redirect back to your Spotify app using the sp:// protocol after processing the OAuth response. You’ll need to register something like https://yourdomain.com/auth/twitter/callback with Twitter, handle the OAuth flow there, extract the necessary tokens, then construct a redirect to sp://myspotifyapp with the auth data as URL parameters. This two-step process is pretty common for desktop apps that need web-based OAuth flows.
Yeah, Twitter won't take sp:// for callbacks. You gotta use http/https links. Try making a basic page to handle the callback and then redirect to your Spotify app from there. That might work!
I ran into this exact problem about six months ago when building a desktop music app. The issue is that Twitter’s OAuth service validates callback URLs against a whitelist of allowed schemes, and custom protocols aren’t supported for security reasons. What worked for me was setting up a lightweight local server on localhost during the auth process. You can spin up a temporary HTTP server on something like http://localhost:8080/callback, register that as your Twitter callback URL, and then immediately redirect to your sp:// URL once the OAuth tokens are received. The local server approach keeps everything contained within your application without needing external web infrastructure. Just make sure to shut down the local server after the auth completes to avoid port conflicts. This method is cleaner than maintaining a separate web service just for handling OAuth callbacks.
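A sketch of the localhost callback listener described in the answer above, as an added example that is not code from any poster in this thread. The function names are hypothetical, the port and path follow the `http://localhost:8080/callback` example, `sp://myspotifyapp` is the app URI used earlier in the thread, and it assumes the app reads the verifier in-process, so the `sp://` redirect carries only a status flag rather than token material.

```python
import hmac
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlencode, urlparse

APP_URI = "sp://myspotifyapp"  # assumed app URI, as used in the thread


def open_listener(expected_token, port=8080):
    """Bind the one-shot callback server; returns (server, result dict)."""
    result = {}

    class Callback(BaseHTTPRequestHandler):
        def do_GET(self):
            url = urlparse(self.path)
            query = parse_qs(url.query)
            token = query.get("oauth_token", [""])[0]
            verifier = query.get("oauth_verifier", [""])[0]
            # Only the callback path, and only for the request token this
            # app instance obtained, is accepted.
            same = hmac.compare_digest(token.encode(), expected_token.encode())
            if url.path != "/callback" or not verifier or not same:
                self.send_error(400, "unexpected callback")
                return
            result["verifier"] = verifier
            # Redirect carries a status flag only, never token material.
            self.send_response(302)
            self.send_header("Location", APP_URI + "?" + urlencode({"auth": "ok"}))
            self.end_headers()

        def log_message(self, *args):
            pass  # keep callback query strings out of stderr logs

    # 127.0.0.1 (not 0.0.0.0) keeps the listener off the network.
    server = HTTPServer(("127.0.0.1", port), Callback)
    return server, result


def wait_for_verifier(server, result, timeout=120, max_requests=5):
    """Serve until a valid callback arrives, then always close the port."""
    server.timeout = timeout  # seconds to wait for each request
    try:
        for _ in range(max_requests):
            if "verifier" in result:
                break
            server.handle_request()
    finally:
        server.server_close()
    return result.get("verifier")
```

`wait_for_verifier` returns `None` if no valid callback arrives within the request budget, and the port is released either way.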
Custom protocols don't work with Twitter OAuth unfortunately. Maybe try a simple redirect page on GitHub Pages or Netlify? It's free and you can just redirect back to sp:// after catching the tokens.