Forum Discussion

Explorer | Level 3

3 years ago

Unable to acquire refresh token

Our system already successfully acquires a short lived token, but I want to get a refresh token for Dropbox. We successfully use refresh tokens with systems like SharePoint so are familiar with the flow.

Our app has full access to Dropbox (not just the App Folder) so I am not sure if that is the problem, but we get this error from dropbox when we attempt to get the token:

invalid_request : unknown field "token_access_type"

This is the request that is made

https://api.dropboxapi.com/oauth2/token?client_id=<DropBoxClientId>&client_secret=<DropBoxClientSecret>&redirect_uri=<RedirectURL>&code=<AccessCode>&token_access_type=offline&grant_type=authorization_code

If we call it without token_access_type=offline then it works fine, but we only get a short lived token and no refresh token.

Are refresh tokens only available if you are accessing the App Folder only? Am I not calling it correctly?

Developers

Здравко
3 years ago
Hi Steven_R,
As far as I can see, you are trying authorization by code and mix two different access points calls involved in the auth flow in use - /oauth2/authorize and /oauth2/token. "token_access_type" is valid and usable in the first call, not the second one! 😉 That's where resides your error. On possible results for the second call you can see:
refresh_token String If the token_access_type was set to offline when calling /oauth2/authorize, then response will include a refresh token. This refresh token is long-lived and won't expire automatically. It can be stored and re-used multiple times.
Make a note on meaning for "was" and "when" above. 🙂 Read more carefully documentation.
Hope this helps.

Здравко
Legendary | Level 20
3 years ago
Hi Steven_R,
As far as I can see, you are trying authorization by code and mix two different access points calls involved in the auth flow in use - /oauth2/authorize and /oauth2/token. "token_access_type" is valid and usable in the first call, not the second one! 😉 That's where resides your error. On possible results for the second call you can see:
refresh_token String If the token_access_type was set to offline when calling /oauth2/authorize, then response will include a refresh token. This refresh token is long-lived and won't expire automatically. It can be stored and re-used multiple times.
Make a note on meaning for "was" and "when" above. 🙂 Read more carefully documentation.
Hope this helps.
- Steven_R
  Explorer | Level 3
  3 years ago
  Thanks I have included the parameter at the correct time and it now works.
Greg-DB
Dropbox Staff
3 years ago
Steven_R Здравко is correct. The 'token_access_type' parameter is only used on /oauth2/authorize, not /oauth2/token. This is unrelated to the app's access type (full Dropbox versus app folder).

About Discuss Dropbox Developer & API

795 PostsLatest Activity: 3 days ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

Unable to acquire refresh token

About Discuss Dropbox Developer & API

Related Content

Re: Dropbox acquires Boxcryptor. What will happen to all those files that have been encrypted?

Refresh Token Url

Get refresh token from access token?

Powershell Oauth2 Refresh Token

refresh token is malformed

Recent Discussions

Sharing folders to users with viewer still permits downloads

Cannot set expire settings for sharing_create_shared_link_with_settings

GET Usage (in MB, updates every 8 hours) FROM python sdk

Regarding Access Token Expiration Policy

My token expire - I want to not expire