This is how you do that if you have an URL like this https://open.spotify.com/playlist/04ZwFco4KsjgPlVMtzwfgS
:
curl --request GET \
--url 'https://api-partner.spotify.com/pathfinder/v1/query?operationName=fetchPlaylistMetadata&variables=%7B%22uri%22%3A%22spotify%3Aplaylist%3A04ZwFco4KsjgPlVMtzwfgS%22%2C%22offset%22%3A0%2C%22limit%22%3A3600%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2291d4c2bc3e0cd1bc672281c4f1f59f43ff55ba726ca04a45810d99bd091f3f0e%22%7D%7D' \
--header 'accept: application/json' \
--header 'authorization: Bearer BQC5nawapxAyWAuEwkypD2TdMLN3YNVWgtWypxznadORLWsBQg6zG0FvJ1O1W7ZgtprCqqPQZG1LkHubRfkDiAl2zbzu8KDJkGT-zFSQHH6vT4-Alv4' \
--header 'content-type: application/json;charset=UTF-8' \
--header 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
This request has 2 things that should be changed, which is the query string (variables
, extensions
) and the Authorization
header.
The variables
param is this but URL-encoded, replace uri.
{"uri":"spotify:playlist:04ZwFco4KsjgPlVMtzwfgS","offset":0,"limit":3600}
The extensions
param is this, also URL-encoded
{"persistedQuery":{"version":1,"sha256Hash":"91d4c2bc3e0cd1bc672281c4f1f59f43ff55ba726ca04a45810d99bd091f3f0e"}}
sha256Hash
can be found in https://open.spotifycdn.com/cdn/build/web-player/web-player.6446beec.js
, this url changes, it can be found in the HTML body
and then finally the access token in the auth header, which can be found in the HTML body