I am trying to make a library GET request using MusicKit but I keep getting a 403 Forbidden Error.
Here is the code I'm running in Python:
import datetime
import jwt
secret = """
-----BEGIN PRIVATE KEY-----
{Insert Private Key Here}
-----END PRIVATE KEY-----
"""
keyId = "{Insert KeyID Here}" # https://developer.apple.com/account/ios/authkey/
teamId = "{Insert TeamID Here}" # https://developer.apple.com/account/#/membership/
alg = "ES256"
time_now = datetime.datetime.now()
time_expired = datetime.datetime.now() + datetime.timedelta(hours = 4320) #180d
headers = {
"kid": keyId,
"alg": alg
}
payload = {
"iss": teamId,
"iat": int(time_now.strftime("%s")),
"exp": int(time_expired.strftime("%s"))
}
if __name__ == "__main__":
token = jwt.encode(payload, secret, algorithm = alg, headers = headers)
MUT = {Insert Music User Token Here}
print("\n----CURL----")
print("curl -v -H 'Authorization: Bearer %s' \"https://api.music.apple.com/v1/catalog/us/artists/36954\" \n" % (token))
print(f"curl -v -H 'Music-User-Token: Bearer {MUT}' -H 'Authorization: Bearer {token}' \"https://api.music.apple.com/v1/me/library/albums\" \n")
When I put the curl in for the first one (the catalog request) it works fine, but when I make the request using the second one (the library request) I get {"errors":[{"id":"4KHPECFWDNNRKXBJGYVIBO2PY4","title":"Forbidden","detail":"Invalid authentication","status":"403","code":"40300"}]}%
Is there a way to do the authentication in Python? Am I using the wrong Music-User-Token? I am using the one from the P8 File downloaded when I made the key. Ideally, I wouldn't be using that because I assume it's unique to me, and I want to eventually put this on the App Store for other people to use. Would I need to authenticate externally to authorize the app to use my Apple Music Library? The App is currently not being hosted anywhere, so not sure if that would be a problem. Right now, I am in the beginning stages of building it, so I mainly want to test and see if I can get things working.