Post

Replies

Boosts

Views

Activity

MusicKit JS authorize() returns AUTHORIZATION_ERROR "Unauthorized" (no Music User Token) — catalog works
Hi all — hoping someone has hit this. Our MusicKit JS (v3) web app calls authorize() and it rejects with AUTHORIZATION_ERROR / "Unauthorized" (no Music User Token is issued), even though the same developer token returns HTTP 200 for catalog requests (/v1/catalog/us/search) — so the token itself is valid. Setup (all verified): MusicKit JS v3 from js-cdn.music.apple.com/musickit/v3/musickit.js; MusicKit.configure() succeeds, storefront resolves to "us". Developer token is ES256, valid, and includes the origin claim for our exact site origin. Our MusicKit key is enabled for Media Services and tied to a Media ID that has MusicKit enabled. Referrer-Policy: strict-origin-when-cross-origin. Repro: sign in with an active Apple Music subscriber and tap Allow -> authorize() rejects. Reproduces for two subscriber Apple IDs, in Chrome and Edge, with third-party cookies allowed. Error object: { name: "AUTHORIZATION_ERROR", message: "Unauthorized", isMKError: true }, thrown inside musickit.js during the authorize() flow. The served MusicKit build is a prerelease (3.2526.0-prerelease.x). We've ruled out the usual suspects on our side (origin claim, referrer policy, token validity, API version, cookies, and portal provisioning). Has anyone resolved this, or is there an additional server-side enablement needed for a team/Media ID to issue web user tokens? Also filed as FB23587284. Thanks!
0
0
26
15h
MusicKit JS authorize() returns AUTHORIZATION_ERROR "Unauthorized" (no Music User Token) — catalog works
Hi all — hoping someone has hit this. Our MusicKit JS (v3) web app calls authorize() and it rejects with AUTHORIZATION_ERROR / "Unauthorized" (no Music User Token is issued), even though the same developer token returns HTTP 200 for catalog requests (/v1/catalog/us/search) — so the token itself is valid. Setup (all verified): MusicKit JS v3 from js-cdn.music.apple.com/musickit/v3/musickit.js; MusicKit.configure() succeeds, storefront resolves to "us". Developer token is ES256, valid, and includes the origin claim for our exact site origin. Our MusicKit key is enabled for Media Services and tied to a Media ID that has MusicKit enabled. Referrer-Policy: strict-origin-when-cross-origin. Repro: sign in with an active Apple Music subscriber and tap Allow -> authorize() rejects. Reproduces for two subscriber Apple IDs, in Chrome and Edge, with third-party cookies allowed. Error object: { name: "AUTHORIZATION_ERROR", message: "Unauthorized", isMKError: true }, thrown inside musickit.js during the authorize() flow. The served MusicKit build is a prerelease (3.2526.0-prerelease.x). We've ruled out the usual suspects on our side (origin claim, referrer policy, token validity, API version, cookies, and portal provisioning). Has anyone resolved this, or is there an additional server-side enablement needed for a team/Media ID to issue web user tokens? Also filed as FB23587284. Thanks!
Replies
0
Boosts
0
Views
26
Activity
15h