oauth2/token endpoint not returning refresh_token

JustADev · ‎07-28-2022

My app starts the oauth flow with a URL like this:

https://www.dropbox.com/oauth2/authorize?response_type=code&client_id=<APP_CODE>&token_access_type=o...

After the user authorizes the app and I get an authorization_code. And I use that code with the oath2/token endpoint, I am sending the following data:

code = <AUTH_CODE_FROM_WEBSITE>

grant_type = authorization_code

client_id = <APP_CODE>

client_secret = <APP_SECRET>

The call succeeds, and I do get a access_token, but there is no refresh_token. Is this expected? How can I get a refresh token?

Greg-DB · ‎07-28-2022

[Cross-linking for reference: https://stackoverflow.com/questions/73155941/dropbox-oauth2-token-endpoint-not-returning-refresh-tok... ]

I just checked and this is working for me:

# https://www.dropbox.com/oauth2/authorize?response_type=code&client_id=u1v<redacted>&token_access_type=offline

# resulted in:

# Access Code Generated
# Enter this code into <redacted> to finish the process
# Zu9U1<redacted>

 curl -X POST https://www.dropbox.com/oauth2/token \
	-d code=Zu9U1<redacted> \
	-d grant_type=authorization_code \
	-d client_id=u1v<redacted> \
	-d client_secret=<redacted>

{"access_token": "sl.BMQ<redacted>", "token_type": "bearer", "expires_in": 14400, "refresh_token": "_Ql10<redacted>", "scope": "account_info.read file_requests.read files.content.read files.content.write files.metadata.read files.metadata.write sharing.read sharing.write", "uid": "225<redacted>", "account_id": "dbid:AAB<redacted>"}

The JSON result from /oauth2/token contains a "refresh_token" field with the refresh token string. How are you checking the returned payload for the refresh token?

If this isn't working for you, please show the actual /oauth2/authorize authorization and /oauth2/token request and response (just redacting private values).

JustADev · ‎07-28-2022

My bad. I was using saved URL to create the web URL. And that saved URL did not have the correct token_access_type field. Thank you for help. This is working now.

AEC_IT · ‎10-03-2022

Hello!

I'm having issues with the 'offline' token process. We have a FM app that communicates directly with DB via the API and we need this connection to be 'full time'. I've followed the following:

Obtained my refresh link using the following:

https://www.dropbox.com/oauth2/authorize?client_id=<redacted>&token_access_type=offline&response_type=code

and after clicking thru a few webpages I get this (fyi this token has expired):

I then run this cURL:

https://api.dropboxapi.com/oauth2/token

-X POST
-d code=9ylKMaz1CWQAAAAAAAAAdLY4TF8yXOCuigOBVP9WJ98 \
-d grant_type=authorization_code \
-d client_id=<Redacted> \
-d client_secret=<Redacted>

and get this JSON reply:

{
"access_token": "sl.BQYCf_C1x<Redacted>",
"account_id": "dbid:AAAI<Redacted>",
"expires_in": 14400,
"refresh_token": "NlNyjWipw-wAAA<Redacted>",
"scope": "account_info.read account_info.write contacts.read contacts.write file_requests.read file_requests.write files.content.read files.content.write files.metadata.read files.metadata.write sharing.read sharing.write",
"token_type": "bearer",
"uid": "4468854389"
}

I then use the "access_token" in place of the manually generated (on the developer APP page) and all is great...until the 14400 seconds (4 hours) expires and then I'm forced to go thru the 'refresh token' web process. Neither "access_token" or "refresh_token" seem to be of any use.

I realize that I might have to script the above when accessing the API when a token has expired (when I get a 401 error) however unless I have a refresh token I'm not sure how I can do this without going thru the "https://www.dropbox.com/oauth2/authorize?client_id=<redacted>&token_access_type=offline&response_type=code" process.

Any idea's would be great!

AEC_IT · ‎10-03-2022

Hello!

I'm having an issue with the 'offline' token. I went thru the process of requesting a refresh token using the web link: https://www.dropbox.com/oauth2/authorize?client_id=<redacted>&token_access_type=offline&response_type=code and received the following (expired token):

I then ran the cURL

https://api.dropboxapi.com/oauth2/token

-X POST
-d code=<Same as above> \
-d grant_type=authorization_code \
-d client_id=<redacted> \
-d client_secret=<redacted>

And received this JSON Reply

{
"access_token": "sl.BQYCf_C1xmJomo<redacted>",
"account_id": "dbid:AAA<redacted>",
"expires_in": 14400,
"refresh_token": "NlNyjWipw-wAAA<redacted>",
"scope": "account_info.read account_info.write contacts.read contacts.write file_requests.read file_requests.write files.content.read files.content.write files.metadata.read files.metadata.write sharing.read sharing.write",
"token_type": "bearer",
"uid": "<redacted>"
}

I successfully obtain the new token however that token expired in 14400 seconds (4 hours). I am not sure how to get a 'refreshed' token as the "refresh_token" doesn't work in place of the web obtained refresh token. What am I doing wrong/or need to do to get a offline token? (My FM solution needs to continually talk to DB and this app is exclusively for this purpose and no external usage/request outside this link would be used.)

Здравко · ‎10-04-2022

Hi @AEC_IT,

Take a look here for step by step example. 😉

Hope this helps.

AEC_IT · ‎10-04-2022

Здравко,

Thanks! I didn't have the correct cURL parameter for using the 'refresh token'! Inserted this into the cURL and all went fine!

oauth2/token endpoint not returning refresh_token

oauth2/token endpoint not returning refresh_token

Top contributors to this post