Grooveshark Internal API

Grooveshark is a Music streaming service providing user-uploaded MP3s for listening in a flash-based player. It also has an intergrated social network-type service and provides suggestions to you based on your listening habits similar to last.fm. Grooveshark has also recently released mobile applications for a number of platforms aside from their flash player.

Warning
Using the information below to communicate with Grooveshark servers is against their TOS. They use heuristics to determine if a client is valid; if you create a client that misbehaves in a way that triggers their attacker detection, your IP address (or the IP addresses of your users) will be flagged as an attacker, and Grooveshark will cease to work properly.

Please note that this wiki may be out of date as it is not actively maintained, and designed around the older "retro" flash client before alternative API endpoints were available. Since then, Grooveshark has begun to have an semi-offical API through different means, such as at http://apishark.com/ or http://tinysong.com/api or http://grooveshark.wikia.com/wiki/External_Player_Control_API_Docs

Last update to clients, clientrevision & secretKey: 28 Februari 2013, 1AM GMT

Communicating with Grooveshark
Grooveshark's servers use simple PHP and HTTP to authenticate and communicate with the flash player.

All communications (with the exception of retriving a song with a playKey) are done by POSTing a XML object to either http://grooveshark.com/more.php or https://grooveshark.com/more.php. The offical flash client uses HTTPS to authenticate the tokens and user, and uses regular HTTP for all other transactions.

HTTPS is mostly used for executing the "getCommunicationToken" method

Known Grooveshark Methods
See Grooveshark Methods for a (somewhat incomplete) description of the known Grooveshark methods.

For any method used, DO NOT forget to add a correct header.

Getting a Session ID
You can just make it up, it's just a md5 hash.

Example: b652161e10ae00ee825b4ff4197522e4

If you are planing on developing an application it's recomended that you use the session id provided by Grooveshark for it to work properly.

Getting a Token
To get a token, you must first get a session id, as above. Then you must POST a JSON object, with the method "getCommunicationToken", and parameters of "SecretKey" (which the value is a md5 hash of the session ID) to https://grooveshark.com/more.php.

The response will be a JSON object, and the token will be contained in the result value if successful.

Using the Token
When creating a request other than getCommunicationToken, you must add a token parameter, which is a 46 character value created as such:

When creating a request other than getCommunicationToken, you must add a token parameter, which is a 46 character value created as such:

Note: The salt "tastyTacos" is the newest key used by GS, older keys no longer work - so if you had an older key, update with this one.
 * 1) Generate 6 random hex characters
 * 2) Create a SHA1 hash of: the method you plan to use + ":" + your token + ":tastyTacos:" + the random characters generated previously
 * 3) The final token will be the 6 random characters + the SHA1 hash

Grooveshark Mobile
Grooveshark have released many clients for mobile phones, streaming music at 64kbps (except iPhone, which runs at full rate).

Grooveshark client & current revision
For the getCommunicationToken request, one might use "htmlshark" with revision number "20120830"

For other requests one could use "jsqueue" with the same revision number