Implements OpenID Connect.

For usage, see OAuth 2.0 provider.

import { Dropbox } from "arctic";

const dropbox = new Dropbox(clientId, clientSecret, redirectURI);
const url: URL = await dropbox.createAuthorizationURL(state, {
	// optional
	scopes // "openid" is always included
const tokens: DropboxTokens = await dropbox.validateAuthorizationCode(code);
const tokens: DropboxRefreshedTokens = await dropbox.refreshAccessToken(refreshToken);

Get user profile

Add the profile scope. Optionally add the email scope to get user email.

Parse the ID token or use the userinfo endpoint. See supported claims.

const tokens = await dropbox.validateAuthorizationCode(code);
const response = await fetch("", {
	method: "POST".
	headers: {
		Authorization: `Bearer ${tokens.accessToken}`
const user = await response.json();

The /users/get_current_account endpoint can also be used.

Get refresh token

Set access_type params to offline.

const url = await dropbox.createAuthorizationURL();
url.searchParams.set("access_type", "offline");
const tokens = await dropbox.validateAuthorizationCode(code);
const refreshToken: string | null = tokens.refreshToken;