We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
Dropbox API Problems
Hi, so I am using Node.js and I realized that I need to refresh the access_token since it expires every so often. I got a refresh token and am trying to get an access token and set it as a variable in the class but I keep on getting a 400 error code with the message "The request parameters do not match any of the supported authorization flows. Please refer to the API documentation for the correct parameters." Below is my code.
axios
.post(
`https://api.dropbox.com/oauth2/token`,
{
grant_type: "refresh_token",
refresh_token: this.refresh_token,
},
{
headers: {
Authorization: `Basic ${this.client_id}:${this.client_secret}`,
"Content-Type": "application/x-www-form-urlencoded",
},
}
)Hi backdraft,
Your idea is correct, but as seems you don't fully understand the basic authentication (RFC7617). Pay attention on the second section where are 4 steps to construct such a header. Did you perform the last one (4-th) step? 😉
Hope this helps.
By the way Axios may do this authentication for you. Just provide auth data (username and password - application client as username and application secret as password) and let all to Axious.
One more option is to pass client_id and client_secret in the request body like grant_type and refresh_token (without any additional encoding or formatting), instead of using any authentication type explicitly. Don't need to change anything else.
Ok, I made some changes and now I am getting a new error:
error: 'invalid_grant',
error_description: 'refresh token is malformed'{ grant_type: "refresh_token", refresh_token: this.refresh_token, }, { headers: { "Content-Type": "application/x-www-form-urlencoded", }, auth: { username: this.client_id, password: this.client_secret, }, }It is exactly what it is... I don't know what more to say.
Ok. Check what actually you have provided with this.refresh_token, for instance. Dump it and see is it a refresh token or by mistake you are providing something else. Check also, is it exactly what has been received on initial authentication (first call to token access point) - even one more or less symbol may (and will) result in such an error. If needed, start from beginning and dump everything on every step, so will be able see where the things are becoming wrong.
Good luck.
PS: Check if everything follows and values are looking like as shown here when you perform the actions on your own as described (there the values may be shorter or different). The logic must be the same even when you use redirect URI with or without PKCE or not use redirect URI at all.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
