Apps that make requests to the [Spotify Web API](/documentation/web-api/) rely on OAuth 2.0: a system that helps users authorize third-apps to access Spotify data. Since 2014, Spotify has supported three OAuth flows: the implicit grant flow, the authorization code flow, and the client credentials flow. Today, we are excited to announce that Spotify is offering support for the Proof Key for Code Exchange (PKCE) extension to the OAuth 2.0 authorization code flow. PKCE makes it easier for develo...
