That’s the crux of it. Someone already paying for Spotify and practically any smartphone can just buy a car mount and get pretty much the same experience. My high/low comment missed the mark. Someone in that position (without CarPlay) is more likely buy a $20 mount for their phone than a $100 one-trick pony device.

But the real question is why brick it? What requires so much maintenance?

A wild guess? Maybe enhanced DRM so the audio path can't be MITM'd, and the digital audio data captured?

Not that it's an acceptable reason, but could they be paying some kind of ongoing license for a codec or some other licensed software on the thing?

DevOps, monitoring, support costs, ongoing security burden. You can’t just ship a device specific API anymore and call it done. Those services will have at least monthly security updates, plus all the shimming and API back-compact work that has to be done as the backend Spotify services change.

I understand, at the same time the api shouldn't be too different to what is used by other devices (otherwise they would be just shooting themselves in the foot)