If you use the code flow (more appropriate for server-side code), then the authorization code will be in a query parameter, and you'll then make a call to /oauth2/token to exchange the authorization code for an access token.
All of this is part of the OAuth 2 standard, not specific to Dropbox, so consider reading up on OAuth 2 itself.
Work Smarter with Dropbox
The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.