Error getting refresh token


I get the following error when trying to get the refresh token:


getRefreshToken2.php?code=75c5d215-e95a-4497-9e91xxxxxxxxxxxxxxxx:1 Failed to load Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.


I'm using two different pages. One for the initialization of the app which I then use the returned code as a querystring variable in the url where I try to get the refresh token. That is when I get the error. I read in the instructions for the URI in the JSON post data:

The redirect URI that was used when the user authorized your app. This must exactly match the redirect_uri used when intiating the OAuth 2.0 connection.

This is the call I used from my page getRefreshToken2.php:

url: "",
type: "POST",
grant_type: "authorization_code",
redirect_uri: "http://localhost/HubSpot-test/initiate-oauth.php",
headers: "Content-Type: application/x-www-form-urlencoded;charset=utf-8",
dataType: "json",
r.done(function (result) {
$result="Access Token: " + result.access_token + "\nrefresh_token: " + result.refresh_token + "\nexpires: " + result.expires;

}); (xhr, thrownError) {alert(xhr.status);alert(thrownError);console.log(xhr);});


I also get this error when I try it in MS Edge:

XMLHttpRequest: Network Error 0x80070005, Access is denied.


Hi @jpaullewer,

That error most often appears because the OAuth connection flow does not support CORS AJAX requests, per this documentation.

The AJAX request must be made to your server, which would then add authentication and make the request to the HubSpot server-side.


Thank you. I had to use another method which I was not familiar with. Learning all about curl today. I'll close this one out.