I am using the following link to generate an authorization code for the code flow process:
https://www.dropbox.com/oauth2/authorize?client_id=CLIENT_ID&response_type=code&token_access_type=offline&redirect_uri=https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2
I replaced the client ID and domain due to privacy. The process works as expected without the redirect URI. In addition, I can successfully generate an access token using Postman by connecting to my API through the redirect URI with the code as one of the parameters, which validates my API's behavior.
After granting access to the app, here is what is shown in the browser's address bar:
https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2?code=EIk...vr0
Here is what my API receives:
[2023-02-19 16:32:44] DEBUG: [{"code":"EIk...vr0"}] []
Using the code, I create a request as follows:
private function generateAccessToken($code) {
$data = array(
"client_id=<CLIENT_ID>",
"client_secret=<CLIENT_SECRET>",
"grant_type=authorization_code",
"code={$code}",
);
$data = implode("&", $data);
$headers = array('Content-Type: application/x-www-form-urlencoded');
$url = "https://api.dropboxapi.com/oauth2/token";
$response = $this->curl->post($url, $headers, $data);
if($response["code"] != 200) {
$GLOBALS["log"]->error("access token error", $response);
throw new Error("Error while retrieving access token");
}
return $response["data"];
}
Here is the response:
[2023-02-19 16:30:13] ERROR: access token error {400, "error":"invalid_grant", "error_description":"redirect_uri mismatch"}
Here is what is registered in the Dropbox app console:
I can't figure out what the problem is.
