Start 2025 on time and up to date. Seamlessly integrate your calendars into Dropbox with these simple steps.
Forum Discussion
API access with refresh_token in python
I have an app that I built in python and I'm trying to have sustained access to read from files in a folder
I've gone through the entire process of getting the user (myself) to sign in and get an initial refresh_token and access_token (described here ). When I use this initial access_token to do things, it works fine
However, once I try to use the refresh_token to access the folder/files, I'm getting stuck and can't figure out the problem. I tried two things:
1. Just setting oauth2_refresh_token=refresh_token in the Dropbox call, such as:
dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)
While this did not give me an error, once I tried to see my files, I did get an error saying "AuthError(<hash>, AuthError('invalid_access_token', None))". The code I was using is (I'm using streamlit, so st.write is equivalent to print)
for entry in dbx.files_list_folder('/TestAPI').entries:
st.write(entry.name)
2. I tried to get a new access_token, but couldn't figure out how to do that in python. I see this code:
curl https://api.dropbox.com/oauth2/token \
-d grant_type=refresh_token \
-d refresh_token=<REFRESH_TOKEN> \
-d client_id=<APP_KEY> \
-d client_secret=<APP_SECRET>
But I'm not sure how that's translated into python. I tried two methods using requests, but both threw 4xx errors
payload = {
'grant_type': 'refresh_token',
'refresh_token': refresh_token,
'client_id': app_key,
'client_secret': app_secret
}
response = requests.get(
'https://api.dropboxapi.com/oauth2/token',
params=payload)
and
response = requests.post(
'https://api.dropboxapi.com/oauth2/token',
data=payload)
So overall I'm first wondering if I need a new access_token. If so, how do I get it? If not, what might I be doing wrong that's limiting my access?
Well I solved this and was just being dumb. Sorry for any confusion
It turns out that just proceeding with
dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)works as it should
My mistake was saving the refresh_token to a DB and pulling it from there (I removed that step in my example code here to be more concise), and the DB was automatically removing a couple ending characters from the token
As a quick update, I did expand the error code and am seeing it says "refresh token is malformed". I found this thread . That thread claims that the token obtained from a curl call is not the refresh_token. However, I am not getting my token that same way, I get it from DropboxOAuth2FlowNoRedirect by explicitly referencing .refresh_token.
Here is my initial code to get the refresh_token:
auth_flow = DropboxOAuth2FlowNoRedirect(
app_key, app_secret,
token_access_type='offline')
authorize_url = auth_flow.start()
st.write("1. Go to: " + authorize_url)
st.write("2. Click 'Allow' (you might have to log in first)")
st.write("3. Copy the authorization code")
auth_code = st.text_input("Enter the authorization code here:")
auth_result = auth_flow.finish(auth_code)
refresh_token, access_token = auth_result.refresh_token, auth_result.access_tokenNot sure if this is helpful in understanding what is going on, but figured I would share it in case
Well I solved this and was just being dumb. Sorry for any confusion
It turns out that just proceeding with
dbx = dropbox.Dropbox(oauth2_refresh_token=refresh_token, app_key=app_key, app_secret=app_secret)works as it should
My mistake was saving the refresh_token to a DB and pulling it from there (I removed that step in my example code here to be more concise), and the DB was automatically removing a couple ending characters from the token
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
