spotify-mcp
Verified Safeby ifiecas
Overview
Connects Microsoft Copilot Studio AI agents to the Spotify Web API to enable music search, artist information, track details, and audio analysis.
Installation
python server.pyEnvironment Variables
- SPOTIFY_CLIENT_ID
- SPOTIFY_CLIENT_SECRET
- LOCAL_TOKEN
- PORT
Security Notes
The server uses a simple Bearer token for authentication with a single, shared secret (`LOCAL_TOKEN`). This is explicitly noted in the README as being for development/demo purposes and is not suitable for production environments due to lack of advanced security features like OAuth, user-specific access control, token expiration, rate limiting, and secure secret management (e.g., Azure Key Vault). If the `LOCAL_TOKEN` is compromised, the server is fully accessible. However, the source code does not contain direct malicious patterns, arbitrary code execution (like `eval`), or hardcoded secrets (it relies on environment variables).
Similar Servers
spotify-mcp-server
Enables AI assistants to control Spotify playback and manage playlists via the Model Context Protocol (MCP).
discogs-mcp-server
MCP Server for the Discogs API, enabling music catalog operations, search functionality, and more.
spotify-streamable-mcp-server
Provides an LLM-friendly interface to control Spotify playback, search music, and manage playlists/saved songs, enabling voice control and smart-home automations.
mcp-azure-apim
Demonstrates exposing an existing REST API (Setlist.fm) as a Model-Context-Protocol (MCP) server using Azure API Management, consumable by various clients including AI agents and GitHub Copilot tools.