An IAM token is a unique sequence of characters issued to a user after authentication. The user needs this token for authorization in the Yandex.Cloud API and access to resources.
Using the token
Specify the received IAM token when accessing Yandex.Cloud resources via the API. Pass the IAM token in the
Authorization header in the following format:
Authorization: Bearer <IAM-TOKEN>
In the management console and the command line interface (CLI), the token is obtained and used without the user needing to do anything.
The IAM token is valid for no more than 12 hours, but we recommend requesting a new token more often, like every hour. This lets you avoid situations where your only token expires right before IAM can't generate a new token for some reason.
The IAM token lifetime can be less than 12 hours if:
The metadata service returns the remaining token lifetime along with the IAM token. Account for your token lifetime or request the token more often, like once per hour or with every operation.