You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

amelesko's avatar
amelesko
Helpful | Level 5
3 months ago

API access with refresh_token in python

I have an app that I built in python and I'm trying to have sustained access to read from files in a folder

 

I've gone through the entire process of getting the user (myself) to sign in and get an initial refresh_token and access_token (described here ). When I use this initial access_token to do things, it works fine

 

However, once I try to use the refresh_token to access the folder/files, I'm getting stuck and can't figure out the problem. I tried two things:

1. Just setting oauth2_refresh_token=refresh_token in the Dropbox call, such as:

dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)

While this did not give me an error, once I tried to see my files, I did get an error saying "AuthError(<hash>, AuthError('invalid_access_token', None))". The code I was using is (I'm using streamlit, so st.write is equivalent to print)

for entry in dbx.files_list_folder('/TestAPI').entries:
st.write(entry.name)

2. I tried to get a new access_token, but couldn't figure out how to do that in python. I see this code:

 

 

 

curl https://api.dropbox.com/oauth2/token \
    -d grant_type=refresh_token \
    -d refresh_token=<REFRESH_TOKEN> \
    -d client_id=<APP_KEY> \
    -d client_secret=<APP_SECRET>

 

 

 

But I'm not sure how that's translated into python. I tried two methods using requests, but both threw 4xx errors

payload = {
'grant_type': 'refresh_token',
'refresh_token': refresh_token,
'client_id': app_key,
'client_secret': app_secret
}
response = requests.get(
'https://api.dropboxapi.com/oauth2/token',
params=payload)

and

response = requests.post(
'https://api.dropboxapi.com/oauth2/token',
data=payload)

 

So overall I'm first wondering if I need a new access_token. If so, how do I get it? If not, what might I be doing wrong that's limiting my access?

 

  • Well I solved this and was just being dumb. Sorry for any confusion

     

    It turns out that just proceeding with

    dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)

    works as it should

     

    My mistake was saving the refresh_token to a DB and pulling it from there (I removed that step in my example code here to be more concise), and the DB was automatically removing a couple ending characters from the token

  • amelesko's avatar
    amelesko
    Helpful | Level 5

    As a quick update, I did expand the error code and am seeing it says "refresh token is malformed". I found this thread . That thread claims that the token obtained from a curl call is not the refresh_token. However, I am not getting my token that same way, I get it from DropboxOAuth2FlowNoRedirect by explicitly referencing .refresh_token.

     

    Here is my initial code to get the refresh_token:

    auth_flow = DropboxOAuth2FlowNoRedirect(
    app_key, app_secret,
    token_access_type='offline')
    authorize_url = auth_flow.start()
    st.write("1. Go to: " + authorize_url)
    st.write("2. Click 'Allow' (you might have to log in first)")
    st.write("3. Copy the authorization code")
    auth_code = st.text_input("Enter the authorization code here:")
    auth_result = auth_flow.finish(auth_code)
    refresh_token, access_token = auth_result.refresh_token, auth_result.access_token

     

    Not sure if this is helpful in understanding what is going on, but figured I would share it in case

    • amelesko's avatar
      amelesko
      Helpful | Level 5

      Well I solved this and was just being dumb. Sorry for any confusion

       

      It turns out that just proceeding with

      dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)

      works as it should

       

      My mistake was saving the refresh_token to a DB and pulling it from there (I removed that step in my example code here to be more concise), and the DB was automatically removing a couple ending characters from the token

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,899 PostsLatest Activity: 10 months ago
332 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!