Interface SoundCloudRoutesConfig

Configuration for initializing server-side SoundCloud API route handlers.

Example

import { createSoundCloudRoutes } from "soundcloud-api-ts-next/server";

const sc = createSoundCloudRoutes({
  clientId: process.env.SC_CLIENT_ID!,
  clientSecret: process.env.SC_CLIENT_SECRET!,
  redirectUri: "http://localhost:3000/api/soundcloud/auth/callback",
});

See

createSoundCloudRoutes for usage

interface SoundCloudRoutesConfig {
    cacheHeaders?: { [routePrefix: string]: string };
    clientId: string;
    clientSecret: string;
    cors?: { methods?: string[]; origin?: string | string[] };
    csrfProtection?: boolean;
    getToken?: () => Promise<string>;
    onRequest?: (telemetry: SCRequestTelemetry) => void;
    onRouteComplete?: (telemetry: SCRouteTelemetry) => void;
    redirectUri?: string;
    routes?: { allowlist?: string[]; denylist?: string[] };
}

Index

Properties

cacheHeaders? clientId clientSecret cors? csrfProtection? getToken? onRequest? onRouteComplete? redirectUri? routes?

Properties

`Optional`cacheHeaders

cacheHeaders?: { [routePrefix: string]: string }

Set Cache-Control headers on GET responses, keyed by route prefix. Use "default" as a fallback for unmatched prefixes.

Example

cacheHeaders: { tracks: "public, max-age=60", me: "no-store", default: "public, max-age=30" }

clientId

clientId: string

SoundCloud OAuth client ID from your app registration.

clientSecret

clientSecret: string

SoundCloud OAuth client secret from your app registration.

`Optional`cors

cors?: { methods?: string[]; origin?: string | string[] }

CORS configuration. When set, Access-Control-Allow-Origin and Access-Control-Allow-Methods headers are added to responses.

Type Declaration

Optionalmethods?: string[]
Allowed HTTP methods (default: inherited from your route exports).
Optionalorigin?: string | string[]
Allowed origin(s). Pass a string or array of strings.

Example

cors: { origin: "https://myapp.com", methods: ["GET", "POST", "DELETE"] }

`Optional`csrfProtection

csrfProtection?: boolean

When true, POST/DELETE mutation routes (like, repost, follow) require a matching Origin header. If cors.origin is also set, the Origin must match an allowed origin. Helps prevent CSRF on action endpoints. Default: false.

`Optional`getToken

getToken?: () => Promise<string>

Custom token provider for public (non-auth) routes. When set, this function is called instead of the default client-credentials flow. Useful when your app stores OAuth tokens externally (e.g. Redis, database).

Type Declaration

- (): Promise<string>
- Returns Promise<string>
  A valid SoundCloud access token string.

Example

const sc = createSoundCloudRoutes({
  clientId: process.env.SC_CLIENT_ID!,
  clientSecret: process.env.SC_CLIENT_SECRET!,
  getToken: async () => {
    const redis = await getRedisClient();
    return redis.get("sc:token");
  },
});

`Optional`onRequest

onRequest?: (telemetry: SCRequestTelemetry) => void

Passed through to the underlying SoundCloud API calls for per-request telemetry. Fires for each individual SoundCloud API request (including retries).

Example

const sc = createSoundCloudRoutes({
  clientId: process.env.SC_CLIENT_ID!,
  clientSecret: process.env.SC_CLIENT_SECRET!,
  onRequest: (t) => console.log(`[SC] ${t.method} ${t.path} ${t.status} ${t.durationMs}ms`),
});

`Optional`onRouteComplete

onRouteComplete?: (telemetry: SCRouteTelemetry) => void

Called after every API route is handled with route-level telemetry. Use for logging, metrics, or observability on the Next.js side.

Example

const sc = createSoundCloudRoutes({
  clientId: process.env.SC_CLIENT_ID!,
  clientSecret: process.env.SC_CLIENT_SECRET!,
  onRouteComplete: (t) => console.log(`[Route] ${t.method} ${t.route} ${t.status} ${t.durationMs}ms`),
});

`Optional`redirectUri

redirectUri?: string

OAuth redirect URI — required if using authentication features (login/callback).

`Optional`routes

routes?: { allowlist?: string[]; denylist?: string[] }

Selective route exposure. Use allowlist to only expose specific route prefixes, or denylist to block specific ones. Unlisted routes return 403 when allowlist is set.

Type Declaration

Optionalallowlist?: string[]
Only expose these route prefixes (e.g. ["tracks", "search"]).
Optionaldenylist?: string[]
Block these route prefixes (e.g. ["me", "likes"]).

Example

routes: { allowlist: ["tracks", "search", "resolve"] }
routes: { denylist: ["me", "auth"] }

Interface SoundCloudRoutesConfig

Example

See

Index

Properties

Properties

`Optional`cacheHeaders

Example

clientId

clientSecret

`Optional`cors

Type Declaration

`Optional`methods?: string[]

`Optional`origin?: string | string[]

Example

`Optional`csrfProtection

`Optional`getToken

Type Declaration

Returns Promise<string>

Example

`Optional`onRequest

Example

`Optional`onRouteComplete

Example

`Optional`redirectUri

`Optional`routes

Type Declaration

`Optional`allowlist?: string[]

`Optional`denylist?: string[]

Example

Settings

On This Page

Interface SoundCloudRoutesConfig

Example

See

Index

Properties

Properties

OptionalcacheHeaders

Example

clientId

clientSecret

Optionalcors

Type Declaration

Optionalmethods?: string[]

Optionalorigin?: string | string[]

Example

OptionalcsrfProtection

OptionalgetToken

Type Declaration

Returns Promise<string>

Example

OptionalonRequest

Example

OptionalonRouteComplete

Example

OptionalredirectUri

Optionalroutes

Type Declaration

Optionalallowlist?: string[]

Optionaldenylist?: string[]

Example

Settings

On This Page

`Optional`cacheHeaders

`Optional`cors

`Optional`methods?: string[]

`Optional`origin?: string | string[]

`Optional`csrfProtection

`Optional`getToken

`Optional`onRequest

`Optional`onRouteComplete

`Optional`redirectUri

`Optional`routes

`Optional`allowlist?: string[]

`Optional`denylist?: string[]