Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.kavachos.com/llms.txt

Use this file to discover all available pages before exploring further.

Setup

1

Get credentials

Go to the Spotify Developer Dashboard and create an app. Under Edit Settings, add your redirect URI:
https://your-app.com/api/kavach/auth/oauth/callback/spotify
Copy the Client ID and Client Secret from the app overview.
2

Configure

import { createKavach, oauth } from 'kavachos';
import { spotifyProvider } from 'kavachos/auth'; 

const kavach = await createKavach({
  database: { provider: 'sqlite', url: 'kavach.db' },
  plugins: [
    oauth({
      providers: [
        spotifyProvider( 
          process.env.SPOTIFY_CLIENT_ID, 
          process.env.SPOTIFY_CLIENT_SECRET, 
        ), 
      ],
    }),
  ],
});

Environment variables

SPOTIFY_CLIENT_ID=your_client_id
SPOTIFY_CLIENT_SECRET=your_client_secret

Scopes

Default scopes: user-read-email, user-read-private To access additional Spotify data, pass a scopes array: 
spotifyProvider(
  process.env.SPOTIFY_CLIENT_ID,
  process.env.SPOTIFY_CLIENT_SECRET,
  { scopes: ['user-read-email', 'user-read-private', 'user-library-read'] }, 
)
The user-read-email scope is required to retrieve the user’s email address. Without it, the identity will fall back to the Spotify user ID.

Endpoints

MethodPathDescription
GET/auth/oauth/authorize/spotifyRedirect to Spotify
GET/auth/oauth/callback/spotifyHandle callback
Last modified on April 29, 2026