Authorization

Users authorize in RouteQ using Yandex ID. We recommend observing all the account protection rules for your RouteQ account.

To access RouteQ, your account or Yandex ID must be linked to a specific company ID. An account can be linked to only one company, but a company can contain multiple accounts. If the company already has an ID, then its administrator can add new users. If you create a new company, then the account that the user was authorized under when creating the company will be added as the administrator.

The authorization method depends on which RouteQ features you plan to use:

• To plan routes only in the interface, all you need are the company ID and the account linked to the company. For more information, see Registration.

• To use the Planning API, you need an API key.

• To use the Track & Trace API and some features of the Planning API (such as geofences from the Master data), you need an OAuth token.

Relationship of objects

API key

Overview

Route planning API uses an access key for authentication. Pass it in the request using the HTTP POST method as an apikey parameter value.

There are two ways to get a key:

• Using the Yandex Developer Dashboard, a special portal that allows you to generate keys for the APIs of various Yandex services. The key you obtain this way has a limited validity period and some other characteristics. After receiving the key to access Routing Workspace, you need to contact your manager.

• In the web interface of the service (Company section). If you already registered in RouteQ, a key was created automatically and you don't need to get it in Yandex Developer Dashboard. After you pay for the service, the key's validity period is extended.

Getting a key in the Yandex Developer Dashboard

1. Log in to Yandex with the username you are going to use with the API.

2. Go to the Yandex Developer Dashboard and click Connect APIs.

3. Select RouteQ: Planning and Track & Trace and click Continue.

4. Fill out the form and click Submit.

5. In the window that opens, click Go to API.

6. The page of your keys for the RouteQ API opens. It usually takes up to 15 minutes to activate a new key, after which you can use it.

Using an API key

Example of a request with authorization via an API key:

curl -H "Content-Type: application/json" -X POST -d <request_body> https://courier.yandex.ru/vrs/api/v1/add/mvrp?apikey=<your_API_key> 

In the request body, replace <your_API_key> with the obtained API key.

For more information about managing API keys in Yandex Developer Dashboard, see the documentation.

OAuth token

Overview

To work with Planning and some Track & Trace features (such as geofences from the Master data), you can use an OAuth token. OAuth token requirements:

• The token must be created for a user who's an administrator in the company.
• The token mustn't be revoked. For more information, see Token lifetime.

For more information about getting a token, see the service documentation.

Using an OAuth token

Example of a request with authorization via an OAuth token:

curl -H "Content-Type: application/json" -H "Authorization: OAuth <your-token>" -X POST -d <request body> https://courier.yandex.ru/api/v1/vrs/add/mvrp

In the Authorization: OAuth <your-token> header, change <your-token> to the OAuth token that you received for Track & Trace.

If you use token-based authorization for planning, the task in the solution history will be displayed with the email of the user who was issued the token. To allocate tasks between regions, depots, or distribution centers, you can use different tokens issued to different email addresses of your administrators. For example, if you work in two regions, you can create two email addresses: region_1@example.com and region_2@example.com.