Forum Discussion

Explorer | Level 4

9 months ago

Refresh Token Url

Hi All,

I am using Dropbox HTTP integration and for the refresh token, we are using "https://www.dropbox.com/oauth2/token" EP.
suddenly I got an error for one of our users.
"Error (400)

Something went wrong. Don't worry, your files are still safe and the Dropbox team has been notified. Check out our Status Page to see if there is a known incident, our Help Center and forums for help, or head back to home."
with no extra information.
looking at the documentation I saw that "https://api.dropbox.com/oauth2/token" is a new EP.
should I update the EP?
Can it be that the old URL is working for some of our users but not all?

Developers

Greg-DB
9 months ago
jaksonjohn The /oauth2/token endpoint is an OAuth endpoint, not a web page, and so should be accessed on api.dropboxapi.com, not www.dropbox.com.

While it's possible that it happened to work on that domain previously, it was never officially meant for that and was not documented as such, and so would not be officially supported on that www domain.

For reference, the official documentation does show (and has shown as far back as I'm aware) that it should be accessed on api.dropboxapi.com.

As such, apps should access that endpoint on api.dropboxapi.com, not www.dropbox.com. Any apps that were using that on www.dropbox.com, even if it happened to work for them previously, should update their code to use the correct api.dropboxapi.com instead.

Greg-DB
Dropbox Staff
9 months ago
Bk13 Здравко is correct; the correct endpoint is and has been "https://api.dropboxapi.com/oauth2/token" per the documentation. Apps should not access that endpoint on www.dropbox.com.
- jaksonjohn
  New member | Level 2
  9 months ago
  i think no. the url is to be changed. i have experience in it.
  - Greg-DB
    Dropbox Staff
    9 months ago
    jaksonjohn The /oauth2/token endpoint is an OAuth endpoint, not a web page, and so should be accessed on api.dropboxapi.com, not www.dropbox.com.
    
    While it's possible that it happened to work on that domain previously, it was never officially meant for that and was not documented as such, and so would not be officially supported on that www domain.
    
    For reference, the official documentation does show (and has shown as far back as I'm aware) that it should be accessed on api.dropboxapi.com.
    
    As such, apps should access that endpoint on api.dropboxapi.com, not www.dropbox.com. Any apps that were using that on www.dropbox.com, even if it happened to work for them previously, should update their code to use the correct api.dropboxapi.com instead.
Здравко
Legendary | Level 20
9 months ago
Hi Bk13,
To be honest I have never used the endpoint you used to use, so I have no any idea what's this. Even if that EP ever worked, you have to use the actual EP - /oauth2/token - not something else.
Good luck.

About Discuss Dropbox Developer & API

Make connections with other developers

795 PostsLatest Activity: 5 days ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

Refresh Token Url

About Discuss Dropbox Developer & API

Related Content

How to get an Access Token from a Refresh token from within B4A

Get refresh token from access token?

Refresh token generates an invalid access token?

refresh token is malformed

Powershell Oauth2 Refresh Token

Recent Discussions

Sharing folders to users with viewer still permits downloads

Cannot set expire settings for sharing_create_shared_link_with_settings

GET Usage (in MB, updates every 8 hours) FROM python sdk

Regarding Access Token Expiration Policy

My token expire - I want to not expire