Access tokens

User authorization via tokens issued by the Yandex OAuth server.

The OAuth token is a special code that allows access to a specific user's data. Each user (Yandex Direct username that API calls are made on behalf of) must get an individual token to specify when making calls.

For more information about OAuth authorization and various ways to get a token, see the OAuth guide.

App registration

An app only needs to be registered on the Yandex OAuth server one time. To do this, log in on Yandex with the app developer's username. For more information, see the section Registration on the OAuth server in App registration.

Get a token

To get a token, the app must redirect the user to the access request page, which is a special page on the Yandex OAuth server. The user logs in on Yandex (with the username for Yandex Direct) and grants the app access to personal data. The Yandex OAuth server generates a token and passes it to the app.

The procedure for getting a token is described in the OAuth authorization guide.

Note. At the app development stage, you can get a debugging token in the name of a test user. See the section Debugging token in the OAuth authorization guide.

Using the token when calling methods

The token obtained for a user must be specified in the token parameter for every request to the Yandex Direct API on behalf of this user.

If an invalid token is specified, an error message is returned with code 53.

Discontinuation of a token

Situations that cause a token to become invalid and require getting a new token are listed in the section Revoking tokens in the OAuth guide.

Tip.

If you are using an application, we recommend that you register a special representative in Yandex Direct and get a token for the representative. See the section Recommendations for creating representatives in the documentation for the API version 5.