Access to API

A successful API call requires:

  • Correct Accept and Content-Type headers: the Yandex Disk API only supports the application/json MIME type. Any other value may cause a data format error.

  • URL specified in compliance with relevant request requirements.

  • OAuth token issued to your app for accessing a specific user's Yandex Disk. For requests that don't require authorization, this is specified explicitly.

General rules for specifying URLs

Rules for all resources:

  • The host for all Yandex Disk API requests is cloud-api.yandex.net. When uploading or downloading a file, you need to access the file download service and the Yandex Disk storage separately.

  • Each request must include the version of the Yandex Disk API. For example, Version 1 is denoted as follows: cloud-api.yandex.net/v1/.

  • The Yandex Disk root directory can be specified explicitly or implicitly: the disk:/foo and /foo paths refer to the same folder.

Getting OAuth tokens

Yandex Disk uses OAuth tokens to authorize apps. Each access token allows a specific app to access the data of a specific user.

To use the OAuth protocol with Yandex Disk:

  1. Register your OAuth app.

    1. Log in to your Yandex account.

    2. Open the Create app page.

    3. Enter the name of your app and attach an icon if necessary.

    4. Select one or more platforms where your app works and specify their paramaters.

      If you're developing or testing an app, use a debug token. To get it, select Web services and, in the Redirect URI field, enter the default value from the Enter URL for debugging prompt: https://oauth.yandex.ru/verification_code.

    5. Under Data access, select the appropriate access permissions (besides accessing user files, you can use the app folder):

      • Write anywhere on Yandex Disk: cloud_api:disk.write.
      • Read all of Yandex.Disk: cloud_api:disk.read.
      • Access the app folder on Yandex Disk: cloud_api:disk.app_folder.
      • Access information about Yandex Disk: cloud_api:disk.info.

    6. Enter your contact email.

    7. Click Create app at the bottom of the page. Its description will appear on the screen.

    8. Copy the app ID from the ClientID field. You'll need it to get an OAuth token. In the future, you can view all your apps at oauth.yandex.com.

  2. Get OAuth tokens to access user data using a convenient method.

    You can obtain a debug token manually:

    1. Open this page

      https://oauth.yandex.ru/authorize?response_type=token&client_id=<ClientID>

      Replace <ClientID> with the value from Step 1.8.

    2. If the OAuth token is issued to your app for the first time, an authorization screen will open. After you log in, Yandex OAuth will redirect you to the page with the token.Learn more about debug tokens.

Pass the token in the Authorization header when calling the Yandex Disk API, indicating the token type before the token value. Sample header:

Authorization: OAuth 0c4181a7c2cf4521964a72ff57a34a07
Previous
Yandex Disk API
Next
App folders
In this article: