Jako vždy máš pravdu Refresh Token mám ale když upravím ten druhý skript

$refresh_token = " xxxxxxxxxxxxxxxxxxxx";
$client_id = "xxxxxxxx";
$client_secret = "xxxxxxxx";

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://api.dropboxapi.com/oauth2/token");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=refresh_token&refresh_token=$refresh_token&client_id=$client_id&client_secret=$client_secret");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$headers = array();
$headers[] = "Content-Type: application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$response = curl_exec($ch);

curl_close($ch);
echo $response;// *******pridano********

$response = json_decode($response, true);

$access_token = $response['access_token'];

echo "Access Token: $access_token";  
?>

to znamená doplním Refresh Token co jsem získal tak
{"error": "invalid_grant", "error_description": "refresh token is malformed"}

díky