OAuth2 authentication in Yandex: obtaining access and refresh tokens

Go to https://oauth.yandex.ru/client/new and create an "application". Fill

Application name
Platforms > Web services > Callback URI. This can be any URI (we will use example.org)
Scope

This will give us <ID> and <Password>.

Go to https://oauth.yandex.ru/authorize?response_type=code&client_id=<ID>. You will be redirected to https://example.org/?code=<CODE>.

Thus we obtained <ID>, <Password>, and <CODE>.

Run

curl -sS -X POST https://oauth.yandex.ru/token \
  -d grant_type=authorization_code \
  -d code=<CODE> \
  -d client_id=<ID> \
  -d client_secret=<Password>| jq .

This produces:

{
  "access_token": "<Access token>",
  "expires_in": xxxxxxxx,
  "refresh_token": "<Refresh token>",
  "token_type": "bearer"
}

To refresh the codes run

curl -sS -X POST https://oauth.yandex.ru/token \
  -d grant_type=refresh_token \
  -d refresh_token=<Refresh token> \
  -d client_id=<ID> \
  -d client_secret=<Password> | jq .

This gives

{
   "access_token" : "<New access token>",
   "refresh_token" : "<New refresh token>",
   "expires_in" : xxxxxxxx,
   "token_type" : "bearer"
}

OAuth2 authentication in Yandex: obtaining access and refresh tokens

Navigation menu

Search