OAuth2 authentication in Yandex: obtaining access and refresh tokens

From Notes to self

Revision as of 17:42, 20 June 2021 by Verbovet (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Go to https://oauth.yandex.ru/client/new and create an "application". Fill

Application name
Platforms > Web services > Callback URI. This can be any URI (we will use example.org)
Scope

This will give us <ID> and <Password>.

Go to https://oauth.yandex.ru/authorize?response_type=code&client_id=<ID>. You will be redirected to https://example.org/?code=CODE.

Thus we obtained <ID>, <Password>, and <CODE>.

Run

curl -sS -X POST https://oauth.yandex.ru/token \
    -d grant_type=authorization_code \
    -d code=<CODE> \
    -d client_id=<ID> \
    -d client_secret=<Password>| jq .

This produces:

{
  "access_token": "<Access token>",
  "expires_in": xxxxxxxx,
  "refresh_token": "<Refresh token>",
  "token_type": "bearer"
}

Retrieved from "https://alik.ejik.org/index.php?title=OAuth2_authentication_in_Yandex:_obtaining_access_and_refresh_tokens&oldid=2053"

Linux