Categories
Interior

How to revoke third-party app permissions from spotify

How to revoke third-party app permissions from spotify

Internet music service Spotify offers an API that lets other websites and applications access your music and customer data. That can be a really cool feature if you’re using it to integrate music with other tools, like Shazam or Sonos. But, when you’re finished with whatever you’re doing, it’s probably a good idea to restrict access to only the most essential apps. Here’s how you do it.

On a laptop or desktop computer, head to Spotify.com. If you’re not logged in already, go ahead and click “Log In” in the upper right-hand corner, and then enter your credentials. It doesn’t matter if you’re using a standard email account or a Facebook connection to log in.

How to revoke third-party app permissions from spotify

After you’ve logged in, you’ll see your main account information page. Click the “Apps” link near the bottom of the left-hand column.

How to revoke third-party app permissions from spotify

The “Approved Applications” page shows a list of all the applications you’ve granted Spotify permissions to interact with. If you want to remove an app’s permissions, just click the “Revoke Access” button to the right of that app. Afterward, the app will no longer have access to your Spotify data.

How to revoke third-party app permissions from spotify

There is one thing to keep in mind, though. Revoking a third-party app’s access to your Spotify account only stops that from collecting new information from that point forward. It doesn’t mean that the app will delete the data it’s already collected—and indeed, it’s probably best to assume that it hasn’t. Delete your account with that third-party app, if possible, for extra security.

One of the awesome things about Spotify is that we can provide you with specialized and custom-made content by getting to know you and your listening habits.

This article provides an overview of the information you’ve allowed us to collect, and guidance for how to change the permissions on some of this information.

Tip: This article is just a guide, so be sure to read our Privacy Policy for the most comprehensive information about your relationship with us.

Your Spotify profile and content

While you have a Spotify account, certain information will always be publicly viewable:

  • Your Spotify username or your Facebook name and profile photo (if your account is connected to Facebook).
  • A list of who you follow and who follows you.
  • Your recently played artists.

Other information, while viewable by default, can be hidden from public view. This includes:

  • Playlists you follow or have created.
  • What music you play (which is published to the Friend Feed by default).
  • The top tracks and artists shown on your profile.
  • Content you post, upload, and/or contribute to the service.

To adjust the visibility of this information, check out our guide to Privacy settings.

Remember:

Information that is publicly available, such as your public playlists, may be used, linked to, or re-shared by others on the service or across the web. Even if you remove a playlist or make a playlist private, others who already subscribed to or have a link to it (e.g. via a link) can likely still access it.

Also keep in mind that playlists and other information added to your Spotify profile may include information, such as your username, which could enable others to find you within the Spotify service or on other services. Please use Spotify carefully and be mindful of your settings.

Communications

You have full control over how much communication you receive from us, including notifications and marketing information. Check out our guide to managing your notifications.

Sometimes our partners will reach out to you too. These emails will always include ‘Unsubscribe’ links, so use these if you don’t want to receive communication like that in future.

Your device

Spotify may request permissions to use some information from your device to provide certain features (e.g. microphone access). We’ll only access such information after asking your permission, which you control.

Your mobile device’s operating system may allow you to control these permissions. For more information, please visit the support site for your operating system.

3rd party app permissions

Spotify is pleased to support interaction with third-party applications to produce fresh and innovative features for you. If you connect your Spotify account to a 3rd-party application, that application may require certain permissions to function.

If you would like to remove any permissions from these apps, you can do so from your account page. Just tap Apps in the menu on the left, and REMOVE ACCESS next to the application you wish.

  • Home
  • :
  • Ideas
  • :
  • Implemented Ideas
  • :
  • [All Platforms] Manage Third Party Access Permissi.

Need help? Check out Spotify Answers for solutions to a wide range of topics.

  • Subscribe to RSS Feed
  • Mark as New
  • Mark as Read
  • Bookmark
  • Subscribe
  • Email to a Friend
  • Printer Friendly Page
  • Report Inappropriate Content

I imported all my songs from Rdio by granting access to 3rd party web apps like Mooval , now I want to stop them from SPYING on my activities.

How do we manage 3rd party application access to our account (revoke access to applications, so they can no longer access your account), something similar to the way Twitter does it, or Last.fm.

It’s misleading to have an ability to grant access with no way to revoke it. I would never have granted access to 3rd party apps if I had known that it was not possible to manage these access grants.

This actually puts me on the edge of flat out removing my Spotify account entirely because it’s a huge breach of trust

I DON’T WANT to be DATA MINED BY OTHER COMPANIES and STRANGERS, Please let us remove SPYS like Google does:

We’re happy to announce that you can now manage access to another app or integration with Spotify. Simply head to your account page and select Apps . You can click revoke access on things like partner apps. Thats it!

  • Find more ideas tagged with:
  • 3rd party
  • Back to Idea Exchange
  • Previous
  • Next
  • « Previous
    • 1
    • 2
    • 3
    • 6
  • Next »
  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Marked as New Idea and edited title to make it easier to find via search. This is a repost of the following inactive idea.

  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

I really can’t believe you have to make a customer inquiry for this. This stuff is basic security. It’s like having spotify to ask for a “change password” functionality.

  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

This is something we recognise and we’re working on at the moment. We’ll make sure to post an update to this thread when we have any new information.

  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Should be there by default even if not a lot of kudos: it’s a security feature. Don’t compromise on security!

  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

It’s possible that they don’t offer management of this because third-party access is based on expiring tokens? The Spotify API mentions the parameter expires_in for third party authentication; there is no maximum value mentioned, but examples use the value 3600 (it’s in seconds, so that’d be an hour) . I’ve noticed I’ve had to re-authorize third party tools like the Spotify Playlists Deduplicator, so at least in some cases, permissions aren’t kept forever.

  • Mark as Read
  • Mark as New
  • Bookmark
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

The fact that you see this as a feature request and not a serious security flaw in your implementation is insane. This isn’t some feature for which people can gather support in the likes of “add function so and so”, most people probably don’t understand the security implications. If the page where you authorize apps would come with a massive warning saaying “Hey, this means that you give these permissions to this app forever regardless of who owns it or what its purpose is in the future” then you can bet that the interest for this feature would increase.

  • Home
  • :
  • Help
  • :
  • Other
  • :
  • How to revoke 3rd party app access?

Need help? Check out Spotify Answers for solutions to a wide range of topics.

How to revoke 3rd party app access?

  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Printer Friendly Page
  • All topics
  • Previous
  • Next
  • « Previous
    • 1
    • 2
  • Next »
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

I imported all my songs from Rdio by granting access to 3rd party web apps like Mooval , now I want to stop them from SPYING on my activities.

How do we manage 3rd party application access to our account (revoke access to applications, so they can no longer access your account), something similar to the way Twitter does it, or Last.fm.

It’s misleading to have an ability to grant access with no way to revoke it. I would never have granted access to 3rd party apps if I had known that it was not possible to manage these access grants.

This actually puts me on the edge of flat out removing my Spotify account entirely because it’s a huge breach of trust

I DON’T WANT to be DATA MINED BY OTHER COMPANIES and STRANGERS, Please let us remove SPYS like Google does:

  • Web Player
  • Windows
  • « Previous
    • 1
    • 2
  • Next »
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Unfortunately Spotify does not have a way to manage third party access.

Users can add kudos to your idea to show support:

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

That is not a solution.

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Iti is not, but by looking at the number of kudos of that idea, I don’t think people care that much about it. That’s sad though, because they should.

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

They deleted the Kudos, it was 175 with 4 pages of replies this morning

They are trying to bury this. Are you going to let them?

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

You have my kudos.

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Added kudos and some relevant tags, plus a note as to Spotify support’s absurd response to a request of revoking a third party’s access.

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

I could be wrong here, but since you have to grant your Spotify password to the app in question for it to function. won’t changing your Spotify password deny the app access to your account?

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

At least for any legitimate app in the sense this is referring to, it doesn’t (and shouldn’t ever) directly ask for your Spotify password. This link provides the technical details if curious but the basic idea is that it triggers Spotify’s Auth prompt in a new window with some data saying what it wants access to, where you log directly into Spotify itself, and then that passes a different piece of data back to the app or site saying “yes this person is ____ and you can now access what was requested with this key.”

What people have an issue with is that right now that extra piece of data, the “key” to access account data possibly including the ability to make changes to followers/playlists/etc if it was requested, can’t be revoked by users unless it expires on its’ own. Based on my followup in one particular case, Spotify claims to be unable to revoke that access as well, which is downright dangerous. Futhermore, support suggested that I contact the third party in question to have access removed, which is reliant on the third party being well-intentioned and responsive, but also impossible according to Spotify’s own documentation and developer comments since there is no way for an app/site to “give up” access once it’s granted either.

Put simply: Since this is completely independent of your account details, the point of it being that you don’t need to give your actual login info to a third party, changing your password has zero effect on it. Most well-designed systems for third party access to information of an account use this type of process (Facebook, Google, Twitter, etc.), but I’ve never seen one that you can’t revoke access after it’s been given which is the case here.

What truly scares me is that there are numerous video games with more secure implementations than what appears to be the case at Spotify, including one with half a million users and only one developer maintaining their API (though admittedly more are likely involved with their auth setup) which is in much better shape than this.

Edit: Added some more info on inability for a third party to give up access and on other systems which use this type of process.
Edit 2: Finished reading the docs, editing for accuracy.

How to revoke third-party app permissions from spotify

Google helps app and game makers with a single sign-on service similar to Facebook. Google has much stricter privacy policies about what third-party developers can do with your data, but it’s still a good idea to clear out any apps or games you no longer use. Take a look at what apps you’ve given permission to and revoke access to ones you no longer use. Here’s how.

What the different app permissions are

Google allows developers to request three levels of information, basic, read and write, and full access. Each tier offers deeper access. For some apps, it’s necessary (like being able to add an event to your Google calendar), while others shouldn’t be asking for anything more than your basic information (your name and email address for single sign-on purposes). When you view the apps that you’ve given permission to, what they can do will be listed next to them.

Full account access

This gives the developer complete access to your Google account, including the ability to change your password, delete your account, send money through Google Pay, view all of your Google account activity, including web searches and things you’ve watched on YouTube, and a whole lot more.

Basically, you should never give full account access to any third-party app. You should only see this permission for Google apps. It’s too dangerous to give that kind of power to a third-party app. None of them should need it and none of them should ask for it.

Read and write access

Read and write access is how some apps access limited features of your Google account. A third-party email app might have access to read, send, and delete your Gmail emails. You shouldn’t be scared of this if you trust the company providing the service. I’ve given read and write permission to a handful of email clients that I trust.

This also works for calendar apps, which might request permission to manage your Google Calendar and create task lists for you, contact management apps, which have access to your Google contacts, or note-taking apps that have access to Google Drive.

If you trust the company, allowing them read and write access is not dangerous. It’s useful, and in many cases, necessary to provide you the service you’re looking for.

Basic Information

When a developer asks for your basic information only, they’re just connecting you to the Google sign-on feature, which includes your email address and name. It’s not totally clear what else is included in the basic information permission, but your Google personal info page shows what basic information you share with your contacts, like your age and gender identity.

Some apps and practically all games should only be asking for basic information. If a game is asking for read and write permission, you should definitely do some digging to find out why the developer needs more than that.

How to revoke third-party app permissions for your Google account

It’s a fairly simple process, and you should probably check your app permissions every few months to make sure you’re OK with the apps you’ve given permission too.

I recommend visiting your app permissions page on both mobile and PC/Mac because app permissions may be different, depending on what device you use them on.

  1. Navigate to your Google Security Page from a web browser.
  2. Click on Apps with account access from the side menu on PC or Mac or scroll down to the section on mobile.

Click or tap on Manage Apps.

How to revoke third-party app permissions from spotify

Click or tap on Remove Access.

How to revoke third-party app permissions from spotify

You should do this for any apps you no longer use.

What happens when you revoke access to your Google account for third-party apps

In some instances, like basic information permissions, you’re simply going to be logged out of an app or game and have to allow permission again if you want to use it again.

For apps that request read and write permissions, you’ll be logged out of the app and it will no longer have access to your Gmail, Google Calendar, Google+, Google Drive, contacts, or other information you’ve previously given permission to before.

For apps that ask for full access, they won’t be able to delete your Google account, change your password, or send money to themselves through your Google Pay account. Revoke those and don’t look back.

For any app that you revoke permission for, you can always give permission again in the future. Most of the information will sync with Google and you won’t lose data anyway. You might have to rebuild task lists, or you might lose PDFs you saved to Google Drive using the app, but it shouldn’t be too big of a process if you revoke an app and decide to give permission back at a later date.

Any questions?

Do you have any questions about how to revoke third-party app permissions to your Google account? Put them in the comments and I’ll help you out.

When you use Sign in with Apple, you can sign in to participating third-party apps and websites with your Apple ID. Learn how to view and manage the apps that you use with Sign in with Apple.

View the apps using your Apple ID

To see a list of the apps that you’re currently using with Sign in with Apple and manage your preferences for each one, go to Apple ID settings on your device or sign in to your Apple ID account page. Learn more about Sign in with Apple.

On your iPhone, iPad, or iPod touch

  1. Open the Settings app, then tap your name.
  2. Tap Password & Security.
  3. Tap Apps Using Your Apple ID.

On your Mac

  1. Choose Apple  menu, then click System Preferences.
  2. Click Apple ID, then choose Password & Security.
  3. Click Edit.

On the web

  1. Sign in to appleid.apple.com.
  2. Go to the Security section. Under Sign in with Apple, select “Manage apps & websites.”
  3. Select Manage.

Manage your apps

In your Apple ID account settings, you see a list of apps that you use with Sign in with Apple. To view the information you originally shared with an app, select any app in the list. You can also view a link to the app’s Privacy Policy or Terms & Conditions.

If you chose to hide your email address from an app and use our private email relay service, you can turn off email forwarding to your personal email address. You can also choose to stop using your Apple ID with an app or website.

How to revoke third-party app permissions from spotify

Turn off email forwarding

To stop emails sent by a particular developer from reaching your personal inbox, turn off Forward To, then select Stop. Emails aren’t forwarded to your personal inbox unless you turn email forwarding back on.

Change your forwarding address

If you use Hide My Email with a developer, you can change the email address that receives forwarded messages from that developer. You can select any email address you have on file in your Apple ID account:

  1. On your iPhone, go to Settings, then tap [your name].
  2. Tap Name, Phone Numbers, Email, then tap Forward to under Hide My Email.
  3. Choose the address you want emails to be forwarded to.

When you choose the email address, this applies to email from all apps and developers using Hide My Email.

Stop using your Apple ID with an app

To stop using your Apple ID with an app, select Stop Using Apple ID, then choose Stop Using.

When you stop using your Apple ID with an app, you’re signed out of the app on your device. The next time you visit the app or its associated website, you can either select Sign in with Apple to sign in again, or create a new account.

If you choose to use Sign in with Apple again, you’re signed in to the same account you previously used. Some apps might let you create a new password for your existing account so you can sign in again without using your Apple ID.

Some developers might use Sign in with Apple to give you an account for more than one app. If that’s the case and you turn off email forwarding or stop using your Apple ID for one app, it applies to all apps from that developer.

How to revoke third-party app permissions from spotify

How to revoke third-party app permissions from spotify

Spotify has heavily criticized Apple for anti-competitive behavior in the past. In fact, the streaming service recently joined a coalition of apps that hopes to “fight back” against the Cupertino-based company.

These steps have been met with praise by some developers, but they’re also why Spotify’s latest move is rather questionable.

Switch to Spotify with ease, but don’t leave

The music streaming service has told SongShift (via MacRumors ), an app that helps people switch from one service to another by transferring music libraries, that it must stop offering transfers away from Spotify.

If SongShift or developers of similar apps ignore the request, Spotify has announced that it will revoke access to the Spotify SDK. App developers can, however, continue to offer transfers into Spotify.

In other words, the Swedish streaming service is happy for SongShift to make transfers over to Spotify painless, but it doesn’t want users switching over to rivals such as Apple Music and Deezer with the same ease.

Rather ironically, arch-rival Apple continues to offer SDK access to SongShift and other third-party apps, therefore allowing its customers to switch to and from Apple Music with little hassle.

When you are no longer actively using an app, it’s best to revoke any sensitive permission you may have granted it. Thankfully, on your Android phone or tablet, you don’t have to manually go on about doing that.

Introduced in Android 11, the permission feature offers a handy option that automatically revokes permissions from an app you haven’t opened in a while. This setting can’t be applied globally throughout the OS, which means you will have to enable it separately for each app. We would recommend switching it on, especially for apps from developers you don’t trust. Here’s how to access it.

Before we begin, note that every Android manufacturer tweaks the name of various menus and settings. The following steps and screenshots will cover the process on a Samsung phone. Although the names might be different, the process will be very similar.

Open the “Settings” app on your Android smartphone or tablet. You can find it either in the app drawer or by tapping the gear icon in the notification panel.

How to revoke third-party app permissions from spotify

Select “Apps and Notifications.”

How to revoke third-party app permissions from spotify

Inside, tap the “See All Apps” option.

How to revoke third-party app permissions from spotify

Locate the app whose permissions you’d like to have automatically revoked after a few months for non-use. Tap the “Permissions” option.

How to revoke third-party app permissions from spotify

Toggle the “Remove Permissions If App Isn’t Used” setting found at the bottom of the page.

How to revoke third-party app permissions from spotify

Now, if you don’t use this app for a few months, your phone or tablet will cut off its link to all the data modules and sensors it’s allowed to access. If you pick, WhatsApp, it will lose permissions to access the camera, microphone, local storage, and more.

The set of permissions this setting applies to will vary based on the app. Further, it’s worth noting it’s only available in a restricted form for system-level apps. Therefore, for instance, you can’t instruct Android to automatically revoke Gmail’s access to your phone’s contacts and calendar.

Google doesn’t specify when Android will automatically revoke app permissions between uses. But down the road, when and if this setting is triggered for any app, Android will notify you and also offer an option to uninstall the app.

Want better control over your smartphone privacy? There’s more you can do to better manage permissions on Android and how much of your data each app can read.

You are viewing the PayPal Community Archives. This content may be old or outdated. Leave the Archive

Chat with our moderator team every Wednesday between 1-2pm PT (4-5pm ET). Learn more in Community Events

  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page

Revoke Third Party Permissions

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Need help how to revoke a Third Party Permissions accessing Paypal. Is there settings in Paypal to do that.

  • All forum topics
  • Previous Topic
  • Next Topic
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

You need to explain your scenario a bit more?

Are you referring to cancelling a subscription, etc.?

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Yes like a subscription or a third party access like a bookeeping app

  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

If you want to cancel a subscription or billing agreement, the following steps apply:

(Note, the steps may be slightly different becasue of the New View user interface and the type of account you have.)

  • Login to your PayPal Account.
  • Click on “Profile”.
  • Click on “My Money”.
  • Look for: “My Preapproved Payments”.
  • You should see: “Manage the automatic payments, subscriptions, and installment plan payments I send to merchants”.
  • Click on “Update”.
  • Next, you will see all active and cancelled billing agreements/subscriptions listed on the screen.
  • Click on the service-name for further action.
  • You should see on next page terms of billing agreement/subscription, how much money you have authorized service provider to deduct from your account and few other details. Most important is link to Cancel agreement, in case if it is active.
  • Note, when you click on Cancel, you will be prompted to confirm it once again. Click “Yes”.

As for a bookkeeping app, that’s managed through the Multi-User Access permissions which are assigned to a User, see this User Guide for additional info: