get access token & refresh token

env

Hi, so I have a few issues,
I need to get the access token and the refresh token, Im using Dropbox bussiness account and I used this url to get the access code:
(*) - "https://www.dropbox.com/oauth2/authorize?client_id=<AppKey>&token_access_type=offline&response_type=code"
later I tried to get the access token via Postman using this POST curl request from the documanitaition:

curl https://api.dropbox.com/oauth2/token \
    -d code=<AUTHORIZATION_CODE> \
    -d grant_type=authorization_code \
    -d redirect_uri=<REDIRECT_URI> \
    -d client_id=<APP_KEY> \
    -d client_secret=<APP_SECRET>

 but I get an "mismatch redirect uri" even though I double-checked that the App_Key&App_Secret&Redirect_Uri are well difined within the app I created in Dropbox console.
So the first question will be, What is missing for me here?
Staying on the same subject, Im trying to make a Post request in javaScript to get the accessToken and the refreshToken, I couldn't find an example how to do that(no PKCE), so I tried to do that:

const respone = await axios.post('https://api.dropboxapi.com/oauth2/token', null, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
  },
  data: {
    code: <Access Code> - access code from above see (*),
    grant_type: 'authorization_code',
    redirect_uri: <Redirect-Uri>,
    client_id:<App-Key>,
    client_secret: <App-Secret>,
  },
});
console.log(respone);

and then as I understand I would have the access Token and the refresh Token in the response parameter, but I get a bad request.
Second question - what is missing for me, please refer to specific example how to do it(no PKCE)?

I manage to do this flow successfully using Java but unfortunatly it is not good enough for me as it has to be in javascript.
this is how I did it in Java:

            DbxAppInfo appInfo = new DbxAppInfo(this.appKey, this.appSecret);
            String accessCode =<Access Code> - access code from above see (*);

            DbxRequestConfig config = DbxRequestConfig.newBuilder(this.appKey).build();
            DbxWebAuth webAuth = new DbxWebAuth(config, appInfo);
            DbxAuthFinish authFinish;
            try {
                authFinish = webAuth.finishFromCode(accessCode);
            } catch (DbxException e) {
throw new Exception(e, new RuntimeException("Invalid Access Code, please Generate new Access Code"));
            }
            String accessTokenOld = authFinish.getAccessToken();
            String refreshTokenOld = authFinish.getRefreshToken();

 Third and last question - I need to do exactly the same as this in javascript, please help me to that.
Sincerely,
Asif

Greg-DB

The mismatched redirect URI error indicates that the redirect_uri you're using on /oauth2/token doesn't match the redirect_uri used to retrieve that authorization code from /oauth2/authorize. Since you're not setting redirect_uri on /oauth2/authorize, you should also omit it when calling /oauth2/token.

 

When performing a call like this, be sure to print out the response body, as it will generally contain a more specific error message. It sounds like the error in the JavaScript case is likely the same as above though, or check the response body for the error message.

 

For JavaScript, we highly recommend using the official Dropbox JavaScript SDK, as it will do much of the work for you automatically. Refer to the examples included in the "examples" folder in the SDK. It implements the authorization flow steps and as long as you set the necessary credentials, like shown in this example for the JavaScript SDK, the SDK will actually handle refresh process for you automatically. The SDK will automatically catch expired access token errors and call the API to get a new short-lived access token when needed.