Authorization
During the interaction with YooMoney, JWT format tokens are used for identification. The token format is described in IETF RFC7519.
Issuing a token (users/login)
To issue the token, you need to call the
users/login method by setting a “username-password” pair in the input.Request
Address for sending the request
POST https://yoomoney.ru/api/offerwall/v1/users/login
Parameters
| Parameter | Type | Description |
|---|---|---|
login | string | Login. Required parameter |
password | string | Password. Required parameter |
Response
Upon successful authorization, the method returns HTTP status 200 and the token value.
| Parameter | Type | Description |
|---|---|---|
| accessToken | string | Token |
| tokenType | string | Type of token. Fixed value: Bearer |
| expiresIn | int | Token validity period in seconds |
Example of the response
JSON
{ "accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyIiwiZXhwIjoxNTc5NzkzNDQxfQ.FaX6mOhDAgVRZ5-L5p3fcH-BFnv7WuUm8hRzxPdJji7i2Lu2zANXS6nJOpbEV8Rbt1YjDh2f88swphUY5BAloA", "tokenType": "Bearer", "expiresIn": 3600 }
Example of the response
When calling any API method, you must set the value of the access token in the request headers.
Request header example
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyIiwiZXhwIjoxNTc5NzkzNDQxfQ.FaX6mOhDAgVRZ5-L5p3fcH-BFnv7WuUm8hRzxPdJji7i2Lu2zANXS6nJOpbEV8Rbt1YjDh2f88swphUY5BAloA
Token’s validity period is limited. After the expiration, the token becomes invalid, and if you send it in a request, the response will return with the 401 Unauthorized status. In this case, you’ll need to request a new token.