Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Solved
Issue in generating access token
Hello, I faced many issues in generating access token
First, I have here access code generated <REDACTED>
curl https://api.dropbox.com/oauth2/token \ -d code=<REDACTED> \ -d grant_type=authorization_code \ -d redirect_uri=https://api.dropbox.com/oauth2/token \ -u <REDACTED>
It prints every time :
{
"error": "invalid_grant",
"error_description": "redirect_uri mismatch"
}
However I have here the redirected links
Hi Mostafa Ezzat,
Let's try some authentication process step by step. 🙂 It may succeed.
At the beginning make sure you have your App key and App secret at hand from App Console page. Select desired application there and once got there in and scroll to field "App key" and "App secret" (for the secret "Show" should be used) keep the browser window accessible, so would be able take a look there when needed.
Next, open a new browser window and put into address line following:
https://www.dropbox.com/oauth2/authorize?token_access_type=offline&response_type=code&client_id=<App key>Where "<App key>" is the one from you previous browser window. Next the confirmation you will get a code (alphanumeric sequence). The same could be received automatic when redirect URL is in use (either direct or PKCE code flow), but here we will perform it in such a way for clarity.
Next step will be to "materialize" the received code. In a terminal window execute following curl command:
curl https://api.dropbox.com/oauth2/token -d code=<received code> -d grant_type=authorization_code -u <App key>:<App secret>
Where "<received code>" is the code shown up in the second browser window after confirmation. "<App key>" and "<App secret>" come from the first browser window. As a result you will get in your terminal something like:
{"access_token": "sl.abcdefg123456789AbCdEf-GHijKLmn0U", "token_type": "bearer", "expires_in": 14400, "refresh_token": "oDfT54975DfGh12345KlMnOpQrSt01a", "scope": "account_info.read files.content.read etc.", "uid": "123456789", "account_id": "dbid:ABCDEF5g8HijklMNopQ2Rs5tUV_wxy5z_YO4"}Of course, you will receive different values filling the pattern. Here "sl.abcdefg123456789AbCdEf-GHijKLmn0U" is access token you can use in every regular API call for "14400" second since current moment until expires. "oDfT54975DfGh12345KlMnOpQrSt01a" is your refresh token. The one that will never expire (or till revoke).
When currently received access token expires, you can perform following curl call:
curl https://api.dropbox.com/oauth2/token -d grant_type=refresh_token -d refresh_token=oDfT54975DfGh12345KlMnOpQrSt01a -u <App key>:<App secret>
Where "oDfT54975DfGh12345KlMnOpQrSt01a" is the refresh token "materialized" from code at the beginning. "<App key>" and "<App secret>" come again from the first browser window. As a result you will get in your terminal something like:
{"access_token": "sl.abcdefg123456789AbCdEf-OPqrSTuv1W", "token_type": "bearer", "expires_in": 14400}Again "sl.abcdefg123456789AbCdEf-OPqrSTuv1W" is an access token usable in regular API calls for "14400" seconds (i.e. 4 hours). The last call need to be used every time you need valid access token and the previous one got expired. For the test here you don't have to wait 4 hours. You can call it immediately. 😉 Completes everything successfully?
Every time you do receive access token, it can be use for as many seconds as denoted in "expires_in" field. The access token itself is a ASCII chars sequence and you should be ready to process such a sequence as presented (including different length).
Hope this gives direction and clarifies matter with the step by step processing.
31 Replies
Replies have been turned off for this discussion
- Greg-DB
Dropbox Community Moderator
Kloss The original "-u" option shown earlier in this thread is an option for curl for specifying the Basic credentials (which in this case should be the app key and secret). It looks like in your environment it was getting sent to Invoke-WebRequest, where "-u" is ambiguous. I'm glad to hear you already sorted that out.
For this /oauth2/token call, you would specify the app key and secret, but not your account password. The "-u" option is a way to specify the app key and secret, in place of what would be the username and password in other contexts. So, to specify the app key and secret, you could use it like "-u <appkey>:<appsecret>", where <appkey> is your app key, and <appsecret> is your app secret; do not enter your account password.
Kloss wrote:...
I know my app key and app secret is correct. And the host password I assume is my dropbox password to get into my account.
...Kloss, your account id (email) or password have nothing to do here! The only thing you need to authenticate is your application, nothing more. Check your shell syntax (might be some typing error, for instance). You account identification has already been performed in your browser. 😉
Good luck.
Thank you. Your answer was very helpful to me. It should be in the guide articles.
Hi Здравко
I have followed your (very generous) steps. Every works fine... I get back the JSON I am expecting as per your post. ie I get the access token, a refresh token and bunch of other data. However when I use the 'sl...' access token just generated to upload a file, I get the following error:
{"error_summary": "expired_access_token/...", "error": {".tag": "expired_access_token"}}
I have tried the flow you recommend several times to ensure I have all inputs correct, and get the same error.
Then I tried generating an access token directly from the app console for the app. This returned the same error.
Any thoughts on where I should focus?
tx
c
- Greg-DB
calexmac An 'expired_access_token' error indicates that the particular short-lived access token you used has expired, so you'd need to get a new one to continue making API calls. If you have a refresh token, you can do so by calling /oauth2/token with grant_type=refresh_token. Please refer to the messages at the beginning of this thread for more information.
Does this method still work until now?
Yes The Kingdom, it does. It has never stopped. 😉 Do you have any issue? 🧐
Nice New Year holiday for everybody!
- Can you help me for this method? I don't have coding skill and i don't understand about coding.
Hm.. 🤔 To be honest, I'm not sure what you ask me for. API/SDKs are software tools directed for usage in software project (or even simple client script). This is valid for any kind of such tools (no limit to Dropbox API/SDK). In the same context you need some basic coding skills, at least! My example here shows how authentication can work in a very basic and simplistic way. It's not the only way. The same way can be used for some prebuild third party software, but better ask the software provider how exactly, if you don'f feel yourself confident enough.
Hope this gives direction.
Please I'm getting this response after I call the endpoint to acquire a bearer token
Response:{"error": "invalid_request", "error_description": "The request parameters do not match any of the supported authorization flows. Please refer to the API documentation for the correct parameters."}Endpoint:
https://api.dropbox.com/oauth2/token
I have followed all instructions and passed all required parameters listed here:curl https://api.dropbox.com/oauth2/token \ -d code=<AUTHORIZATION_CODE> \ -d grant_type=authorization_code \ -d redirect_uri=<REDIRECT_URI> \ -d client_id=<APP_KEY> \ -d client_secret=<APP_SECRET>
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
