You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

GIS_questions's avatar
GIS_questions
Explorer | Level 4
3 years ago

Error when attempting to get an access token using refresh token

I keep encountering the same error when I attempt to use my refresh token, client id and client secret to get a new access token in my javascript code:

" Error in call to API function "files/upload": Invalid authorization value in HTTP header "Authorization": "Bearer". Expecting "Bearer <oauth2-access-token>".

 

I've tried many times but I keep coming back to the same error, whether I use a fetch method, post, or get. I know my information is correct, because a curl request gives me a working access token, but I seem to be messing something up. I've read through all the resources I can find, but I think I must be making a mistake when applying this code.

 

Any help would be greatly appreciated, as I am very new to javascript and the removal of long-lived access tokens has thrown me for a loop!

 

(The images below are all different attempts, each of which failed with the same error.)

 

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    It looks like you're attempting to use a refresh token as a "Bearer" token in a few places in this case (where you set the "Authorization" header to "Bearer" + refreshToken). Refresh tokens themselves are not access tokens and cannot be used as Bearer tokens though, so please update your code to remove that. Refresh tokens should only be used as the "refresh_token" parameter value (as you do have) when calling /oauth2/token.

     

    Also, I see in one line that you have a reference to "api.dropboxapi.com/oauth2/token_access_type=offline". That is not correct, and appears to be a combination of "api.dropboxapi.com/oauth2/token", which is the Dropbox OAuth 2 token endpoint, and "token_access_type=offline" which is only a parameter/option on www.dropbox.com/oauth2/authorize. You can find more information in the OAuth Guide and authorization documentation.

     

    This comment with a basic example of the whole procedure may be a useful reference.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,910 PostsLatest Activity: 3 days ago
333 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!