To communicate with the viewneo API you must have a valid access token in the requests Authorization header.

Personal Access Token

If you want to access the API in the name of your own account you should generate a personal access token. To generate a personal access token visit the API Settings in your viewneo account. Click on "Generate new token" and store it in a secure place.

After editing the description the token will be generated and displayed in a window.

Personal access tokens are valid until you remove them in your API dashboard.

Important: Treat your personal access tokens like passwords and never share them with anyone.


To access the viewneo API on a users behalf you can use OAuth2 to get an access token. To use this feature you have to create an OAuth client in your viewneo API settings.

Get authorization code (Steps 1. - 3.)

To get an authorization code the user has to authorize your client to access their account.

In order to redirect the user to the authorization page, you will need to first build the URL. You can do this by adding the following key value parameters query string to the base URL.

client_idID of your OAuth client
redirect_uri'Url encoded' Callback URL to redirect the user after authorization. Important: This value has to match the redirect URL that you set in your client settings

The following is a sample of how a valid redirect URL code will appear:

This is how the authorization page looks like.

After the user has authorized your client they will be redirected to the redirect URL with the authorization code appended with a get parameter named code.

Get the access token (Steps 4. - 5.)

Once you have received your authorization code, then it is time to request your access token.

Just send a POST request with the following JSON to the viewneo OAuth token url.

Replace the capital values with your data.

  "grant_type": "authorization_code",
  "client_id": "YOUR CLIENT ID",
  "client_secret": "YOUR CLIENT SECRET",
  "redirect_uri": "",

Curl example:

curl -H "Content-Type: application/json" -X POST -d '{"grant_type": "authorization_code","client_id": "YOUR CLIENT ID","client_secret": "YOUR CLIENT SECRET","redirect_uri": "","code": "YOUR AUTHORIZATION CODE"}'

Everything should look like this, otherwise you will get a useful error message:

  "token_type": "Bearer",
  "expires_in": 1296000,
  "access_token": "SOME ACCESS TOKEN",
  "refresh_token": "SOME REFRESH TOKEN"

How to refresh an expired token

If you want to refresh your access token before it expires. Just send the following JSON to the OAuth token url.

Replace the capitalized values with your data.

  "grant_type": "refresh_token",
  "refresh_token": "YOUR REFRESH TOKEN",
  "client_id": "YOUR CLIENT ID",
  "client_secret": "YOUR CLIENT SECRET",

Curl example:

curl -H "Content-Type: application/json" -X POST -d '{"grant_type": "refresh_token","refresh_token":"YOUR REFRESH TOKEN",client_id": "YOUR CLIENT ID","client_secret": "YOUR CLIENT SECRET"}'
Example Access Token Usage

Once you have a valid access token, you can use a simple curl request with authorization to get all of the playlists belonging to an account associated to the access token. Just replace YOUR_ACCESS_TOKEN with a real one.

curl -X GET -H 'Accept: application/json' -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' ''