OAuth implementation at Yandex

Yandex services use tokens to authorize apps by the OAuth 2.0 protocol. Each token is a digit-letter sequence in which the following information is encrypted:

  • ID of the account that can be accessed.

  • ID of the application with access rights.

  • Set of rights (actions available to the application).

The general rules for using Yandex OAuth tokens are described below.

Authorization procedure

Applications request tokens the following way: