Need to see if your shared folder is taking up space on your dropbox 👨‍💻? Find out how to check here.

Forum Discussion

Steven_R's avatar
Steven_R
Explorer | Level 3
4 years ago
Solved

Unable to acquire refresh token

Our system already successfully acquires a short lived token, but I want to get a refresh token for Dropbox. We successfully use refresh tokens with systems like SharePoint so are familiar with the flow.

 

Our app has full access to Dropbox (not just the App Folder) so I am not sure if that is the problem, but we get this error from dropbox when we attempt to get the token:

 

invalid_request : unknown field "token_access_type"

 

This is the request that is made

https://api.dropboxapi.com/oauth2/token?client_id=<DropBoxClientId>&client_secret=<DropBoxClientSecret>&redirect_uri=<RedirectURL>&code=<AccessCode>&token_access_type=offline&grant_type=authorization_code

 

If we call it without token_access_type=offline then it works fine, but we only get a short lived token and no refresh token.

 

Are refresh tokens only available if you are accessing the App Folder only? Am I not calling it correctly?

Developers
  • Здравко's avatar
    Здравко
    4 years ago

    Hi Steven_R,

    As far as I can see, you are trying authorization by code and mix two different access points calls involved in the auth flow in use - /oauth2/authorize and /oauth2/token. "token_access_type" is valid and usable in the first call, not the second one! 😉 That's where resides your error. On possible results for the second call you can see:

    refresh_token String If the token_access_type was set to offline when calling /oauth2/authorize, then response will include a refresh token. This refresh token is long-lived and won't expire automatically. It can be stored and re-used multiple times.

    Make a note on meaning for "was" and "when" above. 🙂 Read more carefully documentation.

    Hope this helps.

3 Replies

  • Здравко's avatar
    Здравко
    Legendary | Level 20
    4 years ago

    Hi Steven_R,

    As far as I can see, you are trying authorization by code and mix two different access points calls involved in the auth flow in use - /oauth2/authorize and /oauth2/token. "token_access_type" is valid and usable in the first call, not the second one! 😉 That's where resides your error. On possible results for the second call you can see:

    refresh_token String If the token_access_type was set to offline when calling /oauth2/authorize, then response will include a refresh token. This refresh token is long-lived and won't expire automatically. It can be stored and re-used multiple times.

    Make a note on meaning for "was" and "when" above. 🙂 Read more carefully documentation.

    Hope this helps.

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Community Moderator rankDropbox Community Moderator
    4 years ago

    Steven_R Здравко is correct. The 'token_access_type' parameter is only used on /oauth2/authorize, not /oauth2/token. This is unrelated to the app's access type (full Dropbox versus app folder).

  • Steven_R's avatar
    Steven_R
    Explorer | Level 3
    4 years ago

    Thanks I have included the parameter at the correct time and it now works.

About Discuss Dropbox Developer & API

Node avatar for Discuss Dropbox Developer & API
Make connections with other developers

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!