Switching from OpenID to the Yandex ID API

All OpenID identifiers with Yandex as the provider stopped working on August 10, 2015. For authentication on other sites with a Yandex account, use the Yandex ID API.

For users

Since August 10, 2015, you can log in on other websites using your Yandex account only if the website developer correctly switched over from OpenID. If you can't log in to a website with your Yandex account, contact the site's support service.

For website developers and webmasters

Users who log in to your website with a Yandex OpenID lost this capability on August 10. You can use the Yandex ID API to authenticate such users.

The API can also provide users access to old accounts that are associated with an OpenID. To do this, after enabling the Yandex ID API, you need to handle logins in a special way:

  1. If the user manually enters a Yandex OpenID identity, notify them that it's no longer allowed to log in this way, and offer to use the Yandex ID API for login. You can recognize Yandex identities by the URL domain: yandex.ru or ya.ru.

    If the user just clicks the button to log in via Yandex, use the Yandex ID API for authentication.

  2. Request an OAuth token to access the user's data.

  3. Request the necessary data via the Yandex ID API. To get the OpenID identities that might belong to the user, also pass the with_openid_identity parameter.

  4. Search for each OpenID identity listed in the response in your database of accounts:

    • If no account with the listed OpenID identities was found, just use the Yandex ID API to authenticate the user.

    • If one account was found, link it to the account ID in Yandex (the id element in the response from the Yandex ID API). Then use the API to authenticate the user.

    • If multiple accounts were found with the listed OpenID identities, ask the user to select one to use for authentication. Link the selected account to the account ID in Yandex, then use the Yandex ID API to authenticate the user.

This way, the user can log into your site via Yandex, and you can associate the data from the old OpenID account to the unique Yandex user ID when this becomes necessary.