I'm using two different pages. One for the initialization of the app which I then use the returned code as a querystring variable in the url where I try to get the refresh token. That is when I get the error. I read in the instructions for the URI in the JSON post data:
The redirect URI that was used when the user authorized your app. This must exactly match the redirect_uri used when intiating the OAuth 2.0 connection.
This is the call I used from my page getRefreshToken2.php:
getRefreshToken2.php?code=75c5d215-e95a-4497-9e91xxxxxxxxxxxxxxxx:1 Failed to load https://api.hubapi.com/oauth/v1/token: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.