OAuth 2.0 Protocol
The OAuth 2.0 protocol allows applications to work with Yandex services on behalf of the user. Access to each app is explicitly restricted by the rights set at the registration. For the basic principles of OAuth, as well as the protocol features in Yandex, see OAuth implementation in Yandex.
How do I use OAuth?
To start using the protocol, you need to:
Register your app in Yandex.OAuth.
Receive the token in one of two ways:
Request a token in exchange for a confirmation code. You can use a confirmation code to work with apps that aren't adapted to the URL:
- If it's important to receive the token in the response body and not in the URL, request a code that can be exchanged for a token.
- If it's difficult to access the redirect URL in the app, request the code output for the user in Yandex.OAuth.
- If it's difficult to enter a code on the device, you can ask the user to enter the code in Yandex.OAuth.
You can test OAuth applications using debug tokens.