You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Jerao91
4 months agoExplorer | Level 4
refresh token is malformed
Hello!
I need help because I'm a little confused with the refresh token for integrations via API
I am using this guide: https://www.dropbox.com/developers/documentation/http/documentation#oauth2-token, and I follow these steps but I always get the malformed token response
1 - Get the code from https://www.dropbox.com/oauth2/authorize?client_id=<client_id>&response_type=code&token_access_type=offline
2- The result of the previous request, use it in https://api.dropbox.com/oauth2/token?grant_type=authorization_code&code=<code_1>&client_id=<client_id>&client_secret=<client_secret>
3 - Finally, the token from point 2 is used in https://api.dropbox.com/oauth2/token?grant_type=refresh_token&refresh_token=<refreshToken2>&client_id=<client_id>&client_secret=<client_secret>
Regarding point 3, I am structuring the request like this in NestJs. The rest I consult in Postman
try {
const response = await axios.post('https://api.dropbox.com/oauth2/token', null, {
params: {
grant_type: 'refresh_token',
refresh_token: "token",
client_id: "clientid",
client_secret: "clientsecret",
},
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
});
this.accessToken = response.data.access_token;
this.dbx = new Dropbox({ accessToken: this.accessToken }); // Actualiza el cliente de Dropbox con el nuevo token
} catch (error) {
console.log(error);
console.error('Error refreshing access token:', error.response?.data || error.message);
throw error;
}
Question, am I doing something wrong?.
I have read in older topics that the authorization code is taken from another endpoint, but I couldn't find it, or I didn't realize it.
I await comments. Thanks!
- Greg-DBDropbox Staff
The "refresh token is malformed" error would indicate that the value you're passing in to the "refresh_token" parameter does not have the right format. You would need to make sure you're passing in the full/exact value that you received in the "refresh_token" response field from /oauth2/token when you called with 'grant_type=authorization_code'. Make sure you're not accidentally using a different value, or modifying the string, etc.
However, note that you don't need to call /oauth2/token with grant_type: 'refresh_token' yourself like you are trying to with axios. If you have a refresh token, you can and should just pass it directly to the Dropbox SDK using the "refreshToken" parameter on the Dropbox object (instead of the "accessToken" parameter you currently do). The SDK will handle the refresh process for you using that refresh token, as long as it is a valid refresh token.
Check out this blog post for an example to understand how this process works.
- Jerao91Explorer | Level 4
Good day! How are you? thanks for your response
Yeah, was taking the value from access_token and not refresh_token 😅.
So nothing, it was just that, everything now works correctly!
This can be considered solved.
Thank you!
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,885 PostsLatest Activity: 5 years agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!