DigitalOcean

Report this

What is the reason for this report?
Question

Docs issue with OAuth2 refresh token endpoint

Posted on May 27, 2026
Product Documentation
Application Development
Scott H

By Scott H

The docs for the OAuth API appear to be incorrect regarding how to use a refresh token to get a new access token:

https://docs.digitalocean.com/reference/api/oauth/#refresh

The docs say to use the endpoint ending in /refresh but that endpoint appears to always return a 200 with a huge blob of HTML in the response, as if it is not a real API endpoint. I have tried a lot of variations (different request methods, GET parameters vs POST body, including client_id/secret or not, including the refresh token as a bearer token, etc.) and none of them seem to work.

I have found that the endpoint that actually works is just to call /token instead, as described here:

https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/

Was not sure where else to report this.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

0
Bobby
Bobby
May 27, 2026

Accepted Answer

Hi there,

Thanks for flagging this. You are likely right that the /refresh endpoint in the docs is outdated or incorrect, and using /token with grant_type=refresh_token is the standard OAuth2 approach anyway.

That said, for a docs issue like this the best place to report it is directly to the DigitalOcean team rather than the community forum. You can open a support ticket at https://cloud.digitalocean.com/support and flag it as a documentation error. That way it gets in front of the right people who can actually update the docs.

0
alexdo
alexdo
May 28, 2026

Heya, @92acaec68da149b0847eb423ec174a

Good catch! This looks like either a documentation issue or a problem with the /refresh route itself. Since the Community site is primarily peer-to-peer discussion, the best next step would be to report it directly to the support team so the documentation and engineering teams can review it internally.

You can contact support here:

https://www.digitalocean.com/company/contact/support

Including the exact request you tested and the HTML response returned from /refresh will likely help them reproduce the issue more quickly.

Regards

0
a536bfb7dc9d4306afbe33daff2b9c
a536bfb7dc9d4306afbe33daff2b9c
June 23, 2026

Looks like the docs are wrong or outdated. OAuth refresh flows normally use the /token endpoint with grant_type=refresh_token, not a separate /refresh endpoint. Thanks for reporting this — hopefully the docs get corrected.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Start building today

From GPU-powered inference and Kubernetes to managed databases and storage, get everything you need to build, scale, and deploy intelligent applications.

© 2026 DigitalOcean, LLC.Sitemap.