Get an OAuth token

Implement the OAuth protocol to let users log in to your website or service. You'll need to obtain an OAuth token for that.

An OAuth token allows you to access Yandex services on behalf of a specific user if they consented to it. You should request a token for every new user that logs in to your service via Yandex.

Select a method for obtaining a token depending on your service's platform:

• Instant authorization technology is used for web services.

  With the instant authorization technology, you can add a login button or an instant login widget to your website. To do that, you need to link a JS script to the login page.
  Use an interactive button generator to customize the login button's appearance and copy the resulting script code to your page.

  Note

  If your website was built with the Joomla 3, WordPress, or 1C-Bitrix content management system, you can use ready-made CMS modules to set up the Yandex ID component on the website.

• SDK Yandex ID is used for mobile apps.

  With the SDK Yandex ID libraries, you can configure OAuth authorization via Yandex accounts for iOS and Android.

There are also methods for obtaining tokens via API requests, but we don't recommend them:

• Request an OAuth token in exchange for a confirmation code. This method allows you to enable authorization on various platforms, including console apps and multimedia devices such as Smart TV. With the confirmation code, the user grants access to data stored in their Yandex ID profile.

• Use a debug token. This method is meant for apps at the development or testing stage. No confirmation code is needed to get a debug token.

The obtained token can be saved in the app and used for API requests until its lifetime ends. Only your app should have access to the token, so avoid saving it in the browser or public configuration files.