Authorization — YooMoney offer program API

Authorization

During the interaction with YooMoney, JWT format tokens are used for identification. The token format is described in IETF RFC7519.

Issuing a token (users/login)

To issue the token, you need to call the users/login method by setting a “username-password” pair in the input.

Request

Address for sending the request

POST https://yoomoney.ru/api/offerwall/v1/users/login

Parameters

Parameter	Type	Description
login	string	Login. Required parameter
password	string	Password. Required parameter

Response

Upon successful authorization, the method returns HTTP status 200 and the token value.

Parameter	Type	Description
accessToken	string	Token
tokenType	string	Type of token. Fixed value: `Bearer`
expiresIn	int	Token validity period in seconds

Example of the response

JSON
{
  "accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyIiwiZXhwIjoxNTc5NzkzNDQxfQ.FaX6mOhDAgVRZ5-L5p3fcH-BFnv7WuUm8hRzxPdJji7i2Lu2zANXS6nJOpbEV8Rbt1YjDh2f88swphUY5BAloA",
  "tokenType": "Bearer",
  "expiresIn": 3600
}

Example of the response

When calling any API method, you must set the value of the access token in the request headers.

Request header example

Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyIiwiZXhwIjoxNTc5NzkzNDQxfQ.FaX6mOhDAgVRZ5-L5p3fcH-BFnv7WuUm8hRzxPdJji7i2Lu2zANXS6nJOpbEV8Rbt1YjDh2f88swphUY5BAloA

Token’s validity period is limited. After the expiration, the token becomes invalid, and if you send it in a request, the response will return with the 401 Unauthorized status. In this case, you’ll need to request a new token.