Hello, I am having difficulties with configuring MusicKit correctly for my web app that I am building, seeking assistance with the issues I am having. Would greatly appreciate any help! After allowing access to the following, "Access Request media.mydomain.com would like to access Apple Music, media library, and listening activity for myemail'@icloud.com.", I get a popup error that states, "Authorization failed. Please try again.". Following is the information that is given in developer console: [Error] Failed to load resource: the server responded with a status of 403 () (webPlayerLogout, line 0) [Error] Authorization failed: AUTHORIZATION_ERROR: Unauthorized (anonymous function) (media.mydomain.com:398)

Hello, I am trying to follow the getting started guide. I have produced a developer token via the music kit embedding approach and can confirm I'm successfully authorized. When I try to do play music, I'm unable to hear anything. Thought it could be some auto-play problems with the browser, but it doesn't appear to be related, as I can trigger play from a button with no further success. const music = MusicKit.getInstance() try { await music.authorize() // successful const result = await music.api.music(`/v1/catalog/gb/search`, { term: 'Sound Travels', types: 'albums', }) await music.play() } catch (error) { console.error('play error', error) // ! No error triggered } I have searched the forum, have found similar queries but apparently none using V3 of the API. Other potentially helpful information: OS: macos 15.1 (24B83) API version: V3 On localhost Browser: Arc (chromium based), also tried on Safari, The only difference between the two browsers is that safari appears to exit the breakpoint, whereas Arc will continue (without throwing any errors) authorizationStatus: 3 Side note, any reason this is still in beta so many years later?

I'm developing a Raycast extension that using Apple MusicKit API, is it safe to store developer tokens in Raycast extensions?

I'm trying (in Swift) to use CryptoKit to generate the required JWT for the Apple Music Web API, as documented (sort of) here. But I'm getting 401s no matter what I try. I found some examples of generating JWTs online, but something isn't working here. I've set up my identifiers and gotten an API secret through my account in the dev portal. It's associated with an identifier requesting Music API access (I requested all three available Music-related capabilities). For the secret, I'm using the long key string from the .p8 file I generated and downloaded from the dev portal. Here's what I've tried: struct APIToken { struct Header: Encodable { let alg = "HS256" let kid: String } struct Payload: Encodable { let iss: String let iat: String let exp: String } static func tokenize(keyID: String, issuerID: String, secret: String) -> String { let privateKey = SymmetricKey(data: Data(secret.utf8)) let headerJSONData = try! JSONEncoder().encode(Header(kid: keyID)) let headerBase64String = headerJSONData.base64EncodedString() let currUnixTime = Int(Date().timeIntervalSince1970) let expUnixTime = currUnixTime + 5 * 2628288 // five months of seconds let payloadJSONData = try! JSONEncoder().encode(Payload(iss: issuerID, iat: "\(currUnixTime)", exp: "\(expUnixTime)")) let payloadBase64String = payloadJSONData.base64EncodedString() let toSign = Data((headerBase64String + "." + payloadBase64String).utf8) let signature = HMAC<SHA256>.authenticationCode(for: toSign, using: privateKey) let signatureBase64String = Data(signature).base64EncodedString() let token = [headerBase64String, payloadBase64String, signatureBase64String].joined(separator: ".") print(token) return token } } I also tried making sure the base64 strings are URL-safe with this extension: extension Data { func URLSafeBase64EncodedString() -> String { return base64EncodedString() .replacingOccurrences(of: "+", with: "-") .replacingOccurrences(of: "/", with: "_") .replacingOccurrences(of: "=", with: "") } } but that made no difference. All the documentation says is A decoded developer token has the following format. { "alg": "ES256", "kid": "ABC123DEFG" } { "iss": "DEF123GHIJ", "iat": 1437179036, "exp": 1493298100 } After you create the token, sign it with your MusicKit private key using the ES256 algorithm. Am I not doing that? Any insight appreciated.

Apple provides HTML Embeds for Music Kit JS, as mentioned here. There is a tool here that you can use to create embeds. Scroll to Preview Player. Now, if you set your browser width to less than 490 (right when the thumbnail gets smaller), the player will move vertically if you drag up. Not by much, it's hard to see without a contrasting background.. It's more noticeable in dark mode, as a white background shows clearly, like this: I'm misusing "drag" here: a simple, vertical scroll will cause this. Since this happens on Apple's own site, I'm fairly certain that this is not a "me problem," but who knows! Anyhow, I'm not sure if anyone has come across this. These embeds are pretty handy, and I'm loathe to roll my own player just to fix this. Any constructive advice would be appreciated.

I wanted a platform that combined apple music and podcasts, so I built one. I'm looking for beta testers currently, please reply if you're interested.

Hi everyone, I'm currently developing an iOS app using React Native and recently got accepted into the Apple Music Global Affiliate Program. To fully utilize this opportunity, I need to implement the following functionalities: Authorize Apple Music usage Play Apple Music within my app Identify if a user has an Apple Music subscription Initiate and complete Apple Music subscription within my app I've successfully implemented the first three functionalities using the react-native-apple-music module. Now, I need your help to understand how I can directly trigger the Apple Music subscription process from within my app. Thank you for your help!

Hello I have a question about my Web App release. I have built a web app including Apple Music MusicKit JS. Now I would like to release it. Do I need to confirm this with Apple? If yes, what can I do next?

Hello I have a question about my web app release. I have built a web app including Apple Music MusicKitJS. Now I would like to release it. Do I need to confirm this with Apple? If yes, what can I do next?

Hello there, I am faced with the following situation: We are building a web app that manages playlists for different platforms, including Apple music We have the concept of teams in there, where a user can be part of multiple teams, and teams are managed by team admin A team admin could manage multiple teams The problem here is, that a team admin wouldn't be able to sign in to the Apple music account for multiple teams because if using the same computer we try to let the user sign in once and store the Music User Token, we can't do another login unless we unauthorized the previous one. Is there anything we can do about this? Thanks

Could some tell what the relevant endpoint is for fetching all public list of a user playlist. I am able to fetch a one via the id but i want to fetch all in a single request without using authorization.

Hello, Problem I am having the exact same issue as described here : https://forums.developer.apple.com/forums/thread/693310 From my understanding of the answers on this topic, it appears to be a problem on the Server Side. Is it still the case or perhaps I am missing something ? Here are the curl commands and their outputs : Storefront call ➜ ~ curl -v -H 'Authorization: Bearer [VALID TOKEN]' "https://api.music.apple.com/v1/storefronts/us" * Trying [2a02:26f0:2b00:3ab::2a1]:443... * Connected to api.music.apple.com (2a02:26f0:2b00:3ab::2a1) port 443 (#0) * ALPN: offers h2 * ALPN: offers http/1.1 * CAfile: /etc/ssl/cert.pem * CApath: none * [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Client hello (1): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Server hello (2): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Unknown (8): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Certificate (11): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, CERT verify (15): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Finished (20): * [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 * ALPN: server accepted h2 * Server certificate: * subject: businessCategory=Private Organization; jurisdictionCountryName=US; jurisdictionStateOrProvinceName=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; CN=itunes.apple.com * start date: Jan 23 20:23:43 2024 GMT * expire date: Jul 21 20:33:43 2024 GMT * subjectAltName: host "api.music.apple.com" matched cert's "api.music.apple.com" * issuer: C=US; O=Apple Inc.; CN=Apple Public EV Server RSA CA 2 - G1 * SSL certificate verify ok. * Using HTTP2, server supports multiplexing * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * h2h3 [:method: GET] * h2h3 [:path: /v1/storefronts/us] * h2h3 [:scheme: https] * h2h3 [:authority: api.music.apple.com] * h2h3 [user-agent: curl/7.87.0] * h2h3 [accept: */*] * h2h3 [authorization: Bearer [VALID TOKEN]] * Using Stream ID: 1 (easy handle 0x12680a800) > GET /v1/storefronts/us HTTP/2 > Host: api.music.apple.com > user-agent: curl/7.87.0 > accept: */* > authorization: Bearer [VALID TOKEN] > < HTTP/2 200 < server: daiquiri/5 < content-type: application/json;charset=utf-8 < x-apple-jingle-correlation-key: QZSH3IR75IPQYS7LSN5C5EUJRI < x-apple-request-uuid: 86647da2-3fea-1f0c-4beb-937a2e92898a < b3: 86647da23fea1f0c4beb937a2e92898a-1d7eb7b8ad18bc4d < x-b3-traceid: 86647da23fea1f0c4beb937a2e92898a < x-b3-spanid: 1d7eb7b8ad18bc4d < apple-seq: 0.0 < apple-tk: false < apple-originating-system: MZStorePlatform < x-apple-application-site: MR22 < x-apple-application-instance: 3588504 < x-responding-instance: MZStorePlatform:3588504::: < apple-timing-app: 4 ms < access-control-allow-origin: * < strict-transport-security: max-age=31536000; includeSubDomains < x-daiquiri-instance: daiquiri:11896006:mr84p00it-qujn09092102:7987:24RELEASE93:daiquiri-amp-store-l7shared-int-001-mr < x-daiquiri-instance: daiquiri:12282002:mr47p00it-qujn07081302:7987:24RELEASE93:daiquiri-amp-store-l7shared-ext-001-mr < cache-control: public, no-transform, max-age=2625 < date: Tue, 23 Apr 2024 14:08:00 GMT < content-length: 276 < x-cache: TCP_REFRESH_MISS from a2-17-114-29.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (S) < x-cache-remote: TCP_HIT from a2-17-114-18.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) < vary: Accept-Encoding < vary: Accept-Encoding < * Connection #0 to host api.music.apple.com left intact {"data":[{"id":"us","type":"storefronts","href":"/v1/storefronts/us","attributes":{"supportedLanguageTags":["en-US","es-MX","ar","ru","zh-Hans-CN","fr-FR","ko","pt-BR","vi","zh-Hant-TW"],"explicitContentPolicy":"allowed","name":"United States","defaultLanguageTag":"en-US"}}]}% Album call ➜ ~ curl -v -H 'Authorization: Bearer [VALID TOKEN]' "https://api.music.apple.com/v1/catalog/us/albums/310730204" * Trying [2a02:26f0:2b00:3ab::2a1]:443... * Connected to api.music.apple.com (2a02:26f0:2b00:3ab::2a1) port 443 (#0) * ALPN: offers h2 * ALPN: offers http/1.1 * CAfile: /etc/ssl/cert.pem * CApath: none * [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Client hello (1): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Server hello (2): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Unknown (8): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Certificate (11): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, CERT verify (15): * [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Finished (20): * [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 * ALPN: server accepted h2 * Server certificate: * subject: businessCategory=Private Organization; jurisdictionCountryName=US; jurisdictionStateOrProvinceName=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; CN=itunes.apple.com * start date: Jan 23 20:23:43 2024 GMT * expire date: Jul 21 20:33:43 2024 GMT * subjectAltName: host "api.music.apple.com" matched cert's "api.music.apple.com" * issuer: C=US; O=Apple Inc.; CN=Apple Public EV Server RSA CA 2 - G1 * SSL certificate verify ok. * Using HTTP2, server supports multiplexing * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * h2h3 [:method: GET] * h2h3 [:path: /v1/catalog/us/albums/310730204] * h2h3 [:scheme: https] * h2h3 [:authority: api.music.apple.com] * h2h3 [user-agent: curl/7.87.0] * h2h3 [accept: */*] * h2h3 [authorization: Bearer [VALID TOKEN]] * Using Stream ID: 1 (easy handle 0x148010a00) > GET /v1/catalog/us/albums/310730204 HTTP/2 > Host: api.music.apple.com > user-agent: curl/7.87.0 > accept: */* > authorization: Bearer [VALID TOKEN] > < HTTP/2 500 < server: daiquiri/5 < content-type: application/json; charset=utf-8 < content-length: 42 < access-control-allow-origin: * < x-apple-jingle-correlation-key: EABGYDVEO5AFSK47FMXBMUMODY < x-apple-application-site: st < strict-transport-security: max-age=31536000; includeSubDomains < x-daiquiri-instance: daiquiri:42282002:st53p00it-qujn13050102:7987:24RELEASE93:daiquiri-amp-store-l7shared-ext-001-st < date: Tue, 23 Apr 2024 14:08:03 GMT < x-cache: TCP_MISS from a2-17-114-29.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) < * Connection #0 to host api.music.apple.com left intact {"message":"An unexpected error occurred"}% Am I missing something ? Is it a server side issue ? If so, when will it be fixed ? Otherwise, what is wrong with my approach ?

Has anyone found a way to retrieve user token if I want to make an app on Flutter that uses that to make Apple Music API calls to just retrieve the user data and display it on the application? Something like when a user opens their app, there is a button that says connect with apple. It takes the user to give permissions for apple music and that retrieves their user token. I know there is Music Kit on Swift but i wonder if there is something like that on flutter

Access to fetch at 'https://play.itunes.apple.com/WebObjects/MZPlay.woa/wa/webPlayback' from origin 'http://localhost:5173' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I was about to finally sign up for the Apple Music affiliate program since one of my apps does provide the MusickKit Subscription Offer. However, it looks like it was renamed and restricts usage to only artists and record labels. (https://partners.applemediaservices.com) Is this correct? Can I as an indie developer not earn commission of Apple Music that I drive from my apps?

After thoroughly scouring the internet numerous times, I came to the realization that Apple has not documented their User Authentication flow. Instead, developers are often directed to use their JavaScript solution, which proves to be insufficient and impractical for many projects. Could we please request a comprehensive documentation outlining the process of generating a Music User Token from the Developer Token? This would greatly benefit developers seeking to integrate Apple Music functionality into their projects.

Hello, I am working on the Musickit web browser application. I have created my developer token as mentioned in the documentation. When I call the authorize() method to authenticate, I get the Apple Music pop up as expected. However, after entering the user credentials and "allowing" access, I get the following error: POST https://play.itunes.apple.com/WebObjects/MZPlay.woa/wa/webPlayerLogout 403 (Forbidden) musickit.js:28 Uncaught (in promise) AUTHORIZATION_ERROR: Unauthorized at https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:269512 at Generator.next () at asyncGeneratorStep$u (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:266594) at _next (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:266821) I am using an user account with paid subscription to Apple Music. With the JWT created, I am able to make API calls and receive the response for requests that do that need the userToken. I am currently stuck at this step and would like some help to root cause this issue.

Hi! For a couple of days and only for some users, we are getting this error message on this endpoint: https://api.music.apple.com/v1/me/library/playlists?limit=100 {"id":"6NT5LBXIZW65K2G3L6QY3WWYAA","title":"Upstream Service Error","detail":"Error fetching library content","status":"500","code":"50001"} Any idea?

The MusicKit JS V3 documentation has this article about Native WebViews. For some reason, my app fails to do anything after musicKitInstance.authorize() is called. I think that it is not being recognized as a WebView and is trying to open the window as if it was running in a browser, but since it's not a browser, there's no way for it to open a browser window. Is there something I can do to make this work? I have tried many things, including setting the user agent to a few different ones for web views and seeing if it behaves differently but didn't see any different behavior. Is there something musickit.js checks for, when determining if it's running in a WebView, that I can leverage to ensure the Native WebView workflow is followed?

Not sure when it happened but I can no longer play explicit songs in my app using MK v3. I've turned off restrictions/made sure i have access to explicit in... My phone (Screen Time) My computer (Screen Time) My iPad (Screen Time) music.apple.com (Settings) and I still get this error when I try to play a song in console. `CONTENT_RESTRICTED: Content restricted at set isRestricted (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:296791) at SerialPlaybackController._prepareQueue (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:318357) at SerialPlaybackController._prepareQueue (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:359408) at set queue (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:308934) at https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:357429 at Generator.next (<anonymous>) at asyncGeneratorStep$j (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:351481) at _next (https://js-cdn.music.apple.com/musickit/v3/musickit.js:28:351708)`