We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.

Forum Discussion

backdraft's avatar
backdraft
Explorer | Level 3
3 months ago

Dropbox API Problems

Hi, so I am using Node.js and I realized that I need to refresh the access_token since it expires every so often. I got a refresh token and am trying to get an access token and set it as a variable in the class but I keep on getting a 400 error code with the message "The request parameters do not match any of the supported authorization flows. Please refer to the API documentation for the correct parameters." Below is my code.

 

    axios
      .post(
        `https://api.dropbox.com/oauth2/token`,
        {
          grant_type: "refresh_token",
          refresh_token: this.refresh_token,
        },
        {
          headers: {
            Authorization: `Basic ${this.client_id}:${this.client_secret}`,
            "Content-Type": "application/x-www-form-urlencoded",
          },
        }
      )
  • Hi backdraft,

    Your idea is correct, but as seems you don't fully understand the basic authentication (RFC7617). Pay attention on the second section where are 4 steps to construct such a header. Did you perform the last one (4-th) step? 😉

    Hope this helps.

     

    By the way Axios may do this authentication for you. Just provide auth data (username and password - application client as username and application secret as password) and let all to Axious.

    One more option is to pass client_id and client_secret in the request body like grant_type and refresh_token (without any additional encoding or formatting), instead of using any authentication type explicitly. Don't need to change anything else.

    • backdraft's avatar
      backdraft
      Explorer | Level 3

      Ok, I made some changes and now I am getting a new error:

       

      error: 'invalid_grant',
      error_description: 'refresh token is malformed'

       

              {
                grant_type: "refresh_token",
                refresh_token: this.refresh_token,
              },
              {
                headers: {
                  "Content-Type": "application/x-www-form-urlencoded",
                },
                auth: {
                  username: this.client_id,
                  password: this.client_secret,
                },
              }

       

      • Здравко's avatar
        Здравко
        Legendary | Level 20

        It is exactly what it is... I don't know what more to say.

        Ok. Check what actually you have provided with this.refresh_token, for instance. Dump it and see is it a refresh token or by mistake you are providing something else. Check also, is it exactly what has been received on initial authentication (first call to token access point) - even one more or less symbol may (and will) result in such an error. If needed, start from beginning and dump everything on every step, so will be able see where the things are becoming wrong.

        Good luck.

         

        PS: Check if everything follows and values are looking like as shown here when you perform the actions on your own as described (there the values may be shorter or different). The logic must be the same even when you use redirect URI with or without PKCE or not use redirect URI at all.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,877 PostsLatest Activity: 12 months ago
326 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!