API access

The API can be used by:
  • Administrators — Mail for Domain users who connected and verified at least one domain using the Yandex.Mail for Domain interface. Administrators can manage their domains and the email on them (for example, enable email on a domain for an organization or the users of a specific website).
  • Registrars — Mail for Domain users who manage (register, park, and so on) the domains of administrators and their email.

  1. Administrator access
  2. Registrar access

Administrator access

All API functionality is available to administrators. In order to use API features, the PDD token (Mail for Domain access token) must be passed in the PddToken header in every request. You can get a PDD token on the token management page by entering a domain name that has already been verified.

Registrar access

Registrars can access all API functionality except management of proxy administrators.

In order to use requests, the registrar must include in every request:
  1. The PDD token (Mail for Domain access token) in the PddToken header.
  2. The OAuth token in the Authorization header.

Getting a PDD token

To get a PDD token, you must:
  1. Register your application on the OAuth service. Properties should be specified as follows:
    • Name — The name of the application that identifies the registrar.
    • RightsYandex.Mail for Domain → List of domains and inboxes in Yandex.Mail for domains, right to set up domains, create and delete inboxes.
    • Callback URL — The callback URL to pass data about the OAuth token to.
  2. Create a registrar account on the registrar management page.
  3. Enter the ID of the OAuth application on the registrar management page, in the OAuth client ID box.
  4. Get a PDD token on the token management page by entering the ID of the registrar you have created.

Getting an OAuth token

To act on behalf of the administrator, the registrar must get an OAuth token for the application that was created when obtaining the PDD token.

The registrar must send the administrator to the OAuth token request URL, where the administrator must grant access to personal data. Yandex.OAuth will send the token data to the callback URL. For more information, see the web client instructions.

Other methods for getting OAuth tokens are covered in the Yandex.OAuth document.