We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
refresh token is malformed
Hello!
I need help because I'm a little confused with the refresh token for integrations via API
I am using this guide: https://www.dropbox.com/developers/documentation/http/documentation#oauth2-token, and I follow these steps but I always get the malformed token response
1 - Get the code from https://www.dropbox.com/oauth2/authorize?client_id=<client_id>&response_type=code&token_access_type=offline
2- The result of the previous request, use it in https://api.dropbox.com/oauth2/token?grant_type=authorization_code&code=<code_1>&client_id=<client_id>&client_secret=<client_secret>
3 - Finally, the token from point 2 is used in https://api.dropbox.com/oauth2/token?grant_type=refresh_token&refresh_token=<refreshToken2>&client_id=<client_id>&client_secret=<client_secret>
Regarding point 3, I am structuring the request like this in NestJs. The rest I consult in Postman
try {
const response = await axios.post('https://api.dropbox.com/oauth2/token', null, {
params: {
grant_type: 'refresh_token',
refresh_token: "token",
client_id: "clientid",
client_secret: "clientsecret",
},
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
});
this.accessToken = response.data.access_token;
this.dbx = new Dropbox({ accessToken: this.accessToken }); // Actualiza el cliente de Dropbox con el nuevo token
} catch (error) {
console.log(error);
console.error('Error refreshing access token:', error.response?.data || error.message);
throw error;
}
Question, am I doing something wrong?.
I have read in older topics that the authorization code is taken from another endpoint, but I couldn't find it, or I didn't realize it.
I await comments. Thanks!
- Greg-DB
Dropbox Staff
The "refresh token is malformed" error would indicate that the value you're passing in to the "refresh_token" parameter does not have the right format. You would need to make sure you're passing in the full/exact value that you received in the "refresh_token" response field from /oauth2/token when you called with 'grant_type=authorization_code'. Make sure you're not accidentally using a different value, or modifying the string, etc.
However, note that you don't need to call /oauth2/token with grant_type: 'refresh_token' yourself like you are trying to with axios. If you have a refresh token, you can and should just pass it directly to the Dropbox SDK using the "refreshToken" parameter on the Dropbox object (instead of the "accessToken" parameter you currently do). The SDK will handle the refresh process for you using that refresh token, as long as it is a valid refresh token.
Check out this blog post for an example to understand how this process works.
Good day! How are you? thanks for your response
Yeah, was taking the value from access_token and not refresh_token 😅.
So nothing, it was just that, everything now works correctly!
This can be considered solved.
Thank you!
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
