Authentication in the API

    To perform operations in Yandex.Cloud via the API, you need to authenticate using your account.

    To perform operations with a Yandex account, you need an IAM token:

    1. Get an IAM token for your Yandex account.

    2. Specify the received IAM token when accessing Yandex.Cloud resources via the API. Pass the IAM token in the Authorization header in the following format:

      Authorization: Bearer <IAM-TOKEN>
      

      IAM tokens are valid for 12 hours. To keep your token valid, request it more often (for example, once per hour).

    The service supports two authentication methods based on service accounts:

    • Using API keys.

      API keys do not expire. This means that this authentication method is simpler, but less secure. Use it if you can't automatically request an IAM token.

      1. Get an API key.

      2. Specify the received API key when accessing Yandex.Cloud resources via the API. Pass the API key in the Authorization header in the following format:

        Authorization: Api-Key <API key>
        
    • Using an IAM token:

      1. Get an IAM token.

      2. Specify the received IAM token when accessing Yandex.Cloud resources via the API. Pass the IAM token in the Authorization header in the following format:

        Authorization: Bearer <IAM-TOKEN>
        

        IAM tokens are valid for 12 hours. To keep your token valid, request it more often (for example, once per hour).

    See also