❗️Yango Deli authentication in the Partner’s system

OAuth 2.0 is always used for pull-method authorization. The Partner must set up this scheme on their server. Then access credentials must be provided through the manager, specifically:

  • server address for sending requests (domain only, IP addresses are not supported);
  • client_id;
  • client_secret.

Using these credentials, Yango Deli requests a token by making a POST request to {host}/security/oauth/token. Values of client_credentials and read write are passed in the grant_type and scope parameters respectively.

Expected response header is Content-type: application/json.

With the obtained token, Yango Deli performs subsequent requests, placing it in the header as Authorization: Bearer token.

Request example
curl --location --request POST 'https://test.ru/security/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=abv123' \
--data-urlencode 'client_secret=456vba' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=read write'

Note

Content-type headers in request and response are different.

Request

POST

/security/oauth/token

Body

application/x-www-form-urlencoded
{
    "client_id": "987",
    "client_secret": "g8bKdBiIR9MutCObuexDm7nsgkaXU",
    "grant_type": "client_credentials",
    "scope": "read write"
}

Name

Description

client_id*

Type: string

Example: 987

client_secret*

Type: string

Example: g8bKdBiIR9MutCObuexDm7nsgkaXU

grant_type*

Type: string

Example: client_credentials

scope*

Type: string

Example: read write

Responses

200 OK

Authentication successful.

Body

application/json
{
    "access_token": "CObuexDm7nsgkaXUg8bKdBiIR9Mut",
    "expires_in": 300
}

Name

Description

access_token*

Type: string

expires_in

Type: integer

Token lifetime in seconds. Default values for nomenclature – 5 minutes, for orders – 1 hour.

Example: 300

400 Bad Request

Request error. An array with an object from the error list is expected in the response.

Body

application/json
[
    {
        "code": 400,
        "description": "Description of error"
    }
]

ErrorItem[]

ErrorItem

Name

Description

code*

Type: integer

Numeric error code agreed with Yango Deli.

Example: 400

description*

Type: string

Error description

Example: Description of error

500 Internal Server Error

Request error. An array with an object from the error list is expected in the response.

Body

application/json
[
    {
        "code": 400,
        "description": "Description of error"
    }
]

ErrorItem[]

No longer supported, please use an alternative and newer version.

Previous
API resources
Next
Partner authentication in the Yango Deli system