From spotify-ads-api
Configure Spotify Ads API credentials via OAuth 2.0 or direct token. Sets up authentication, ad account, and execution preferences.
npx claudepluginhub spotify/ads-agentic-toolsThis skill is limited to using the following tools:
Set up or update the plugin's local settings file at `.claude/spotify-ads-api.local.md`.
Monitors deployed URLs for regressions after deploys, merges, or upgrades by checking HTTP status, console errors, network failures, performance (LCP/CLS/INP), content, and API health.
Share bugs, ideas, or general feedback.
Set up or update the plugin's local settings file at .claude/spotify-ads-api.local.md.
Parse the user's argument to determine the configuration mode:
oauth (default if no argument)Full OAuth 2.0 authorization flow with automatic token refresh.
Prerequisite: The user must have added http://127.0.0.1:8080/callback as a redirect URI in their app settings at developer.spotify.com. Remind the user of this before starting the flow.
Read existing settings from .claude/spotify-ads-api.local.md if it exists.
Prompt the user for OAuth credentials using AskUserQuestion:
Store the client_secret securely in the macOS Keychain:
security add-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w "<client_secret>" -U
Do NOT write client_secret to the settings file. It must only be stored in the keychain.
client_secret=$(security find-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w)
python3 "${CLAUDE_PLUGIN_ROOT}/skills/configure/scripts/oauth-flow.py" \
--client-id "<client_id>" \
--client-secret "$client_secret"
If python3 is not available, try uv run:
client_secret=$(security find-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w)
uv run "${CLAUDE_PLUGIN_ROOT}/skills/configure/scripts/oauth-flow.py" \
--client-id "<client_id>" \
--client-secret "$client_secret"
If Python is not available at all, fall back to the manual flow (see below).
Parse the JSON output from the script:
{"access_token": "...", "refresh_token": "...", "expires_in": 3600}
Calculate token_expires_at as the current time + expires_in seconds, formatted as ISO 8601.
Prompt for remaining settings:
GET /businesses → returns { "businesses": [...] } with each business having an id and name.GET /businesses/{business_id}/ad_accounts → returns { "ad_accounts": [...] } with each account having an id, name, and status.Write the settings file (see Settings File Format below).
Read .claude-plugin/plugin.json to get the plugin version and set SDK_HEADER="X-Spotify-Ads-Sdk: claude-code-plugin/$PLUGIN_VERSION".
Verify with a test API call:
curl -s -o /dev/null -w "%{http_code}" \
-H "Authorization: Bearer <token>" \
-H "$SDK_HEADER" \
"https://api-partner.spotify.com/ads/v3/ad_accounts/<ad_account_id>"
manualManual OAuth flow for environments where the automated script cannot run.
Prerequisite: The user must have added http://127.0.0.1:8080/callback as a redirect URI in their app settings at developer.spotify.com. Remind the user of this before starting the flow.
Prompt for client_id and client_secret using AskUserQuestion.
Store the client_secret securely in the macOS Keychain:
security add-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w "<client_secret>" -U
Do NOT write client_secret to the settings file.
Display the authorization URL for the user to open in their browser:
https://accounts.spotify.com/authorize?client_id=<CLIENT_ID>&response_type=code&redirect_uri=http://127.0.0.1:8080/callback
Instruct the user to:
Ask the user to paste the redirect URL, then extract the code parameter from it.
Exchange the code for tokens:
client_secret=$(security find-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w)
curl -s -X POST "https://accounts.spotify.com/api/token" \
-H "Authorization: Basic $(echo -n '<client_id>:'"$client_secret"'' | base64)" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code&code=<CODE>&redirect_uri=http://127.0.0.1:8080/callback"
Parse the response for access_token, refresh_token, and expires_in.
Continue from step 7 of the oauth flow (calculate expiry, prompt for settings, write file, verify).
token <access_token>Legacy direct token mode for users who already have an access token.
Accept the access token from the argument.
Warn the user: "Direct token mode — this token will expire in ~1 hour with no automatic refresh. For auto-refresh, re-run with /spotify-ads-api:configure oauth using your client credentials."
Read existing settings or prompt for:
GET /businesses then GET /businesses/{business_id}/ad_accounts), or ask the user to paste it.Write the settings file with the token but without refresh credentials. Set token_expires_at to empty.
Verify with a test API call.
Write .claude/spotify-ads-api.local.md in this exact format:
---
access_token: "<token>"
refresh_token: "<refresh_token>"
token_expires_at: "<ISO 8601 timestamp>"
client_id: "<client_id>"
ad_account_id: "<uuid>"
environment: "production"
auto_execute: false
---
# Spotify Ads API Settings
Local configuration for the spotify-ads-api plugin.
Do not commit this file to version control.
Client secret is stored in the macOS Keychain, not in this file.
Note: client_secret is stored in the macOS Keychain (service: spotify-ads-api-client-secret, account: spotify-ads-api), not in this file.
For the token mode, leave refresh_token, token_expires_at, and client_id as empty strings.
Report the test API call result:
.claude/spotify-ads-api.local.md which is gitignored via .claude/*.local.md..claude/ directory doesn't exist, create it.security find-generic-password -a "spotify-ads-api" -s "spotify-ads-api-client-secret" -w to retrieve it when needed.