Forum Discussion

Explorer | Level 3

2 years ago

Issue Generating Refresh Token with OAuth Code Flow

Hello, I have been struggling a bit with getting a refresh token or any success response at all from the endpoint 'https://api.dropboxapi.com/oauth2/token' when following the guide here https://devel...

API

Greg-DB
2 years ago
Given your redactions and descriptions, it seems like you're sending a parameter with the name being your app key and the value being your app secret, however that is not the correct formatting. When calling /oauth2/token to exchange the authorization code for an access token/refresh token with the code flow like this, you should send a parameter named "client_id" with the value being your app key, and a parameter named "client_secret" with the value being your app secret. You would do that the same way you already have a parameter named "code" with the value being the authorization code string.

(Note that it's also possible to send the app key and secret as "Basic" authorization, which is what the example in the documentation does using the "-u" curl flag, but that would be encoded and formatted differently. I recommend just using the parameters as described above for simplicity.)

Greg-DB

Dropbox Staff

2 years ago

Given your redactions and descriptions, it seems like you're sending a parameter with the name being your app key and the value being your app secret, however that is not the correct formatting. When calling /oauth2/token to exchange the authorization code for an access token/refresh token with the code flow like this, you should send a parameter named "client_id" with the value being your app key, and a parameter named "client_secret" with the value being your app secret. You would do that the same way you already have a parameter named "code" with the value being the authorization code string.

(Note that it's also possible to send the app key and secret as "Basic" authorization, which is what the example in the documentation does using the "-u" curl flag, but that would be encoded and formatted differently. I recommend just using the parameters as described above for simplicity.)

ImpulseWebDev
Explorer | Level 3
2 years ago
Hello Greg, first thank you again for the response - that does indeed change my error response however I think I am just a bit off still from your explanation. It sounds like I should remove my app key : app secret and replace it with the two values you stated.

I have gone back to my app console to verify both values are accurate, any idea why it would say one is potentially invalid?

About Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,877 PostsLatest Activity: 12 months ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

Issue Generating Refresh Token with OAuth Code Flow

About Dropbox API Support & Feedback

Related Content

Invalid_Grant whlie generating Access Token using saved Refresh token in Dropbox Sign .NET SDK

Are there any default folders generated upon creating a new Dropbox account?

Re: Shared Link / "scl" to "s"

Re: Issues Downloading Files: "There was an error downloading your file"

Re: “Couldn’t save content. Check your internet connection and refresh the page." on iOS mobile app

Recent Discussions

get_shared_link_metadata API problem with the new '/scl' folder links.

Trying to download a file, but no file is being downloaded.

Dropbox internal error occured - Resolution

How to add the entire team to team folder by api

API Upload .HEIC and convert to JPG