API access
Applications use the OAuth 2.0 protocol to access Yandex Tracker API.
If your app is written in Python, you can use our Python client with the API.
In Tracker API requests, specify the following headers:
-
Host: https://api.tracker.yandex.net -
Authorization: OAuth <OAuth_token>: If OAuth 2.0 is used.Authorization: Bearer <IAM_token>: If an IAM token is used. -
X-Org-ID or X-Cloud-Org-ID: <organization_ID>.If you only have a Yandex Cloud Organization organization, use the
X-Cloud-Org-IDheader; if only Yandex 360 for Business or both organization types, useX-Org-ID.You can copy the organization ID from the Tracker organization page.
Getting access to the API via OAuth 2.0
OAuth 2.0 allows applications to access Yandex services on behalf of the user. For information about basic OAuth concepts and the Yandex implementation of the protocol, see the OAuth for Yandex ID documentation.
To get access to Yandex Tracker API:
-
Register the application in Yandex OAuth:
-
Follow this direct link: https://oauth.yandex.com/client/new/.
-
Under Platforms, select the platform you need and specify its parameters.
If you are developing or testing an application, use a debug token. To get it, select Web services and, in the Redirect URI field, enter the default value from the Enter URL for debugging prompt:
https://oauth.yandex.com/verification_code. -
Under Data access, select Tracker access permissions that your application needs:
-
Write in tracker (tracker:write) to allow any operations with data, such as creating, deleting, and editing.
-
Read from tracker (tracker:read) to only allow data reads.
-
-
-
Get an OAuth token:
-
In your Yandex OAuth account, select the previously created application and copy its ID from the ClientID field. Next, generate a link to request a token:
https://oauth.yandex.com/authorize?response_type=token&client_id=<application_ID> -
Follow the link and copy the OAuth token.
Tip
If you need a confirmation code from a user to get an OAuth token, follow the guide in the Requesting an OAuth token using a confirmation code section.
-
-
Use the obtained token in the
Authorizationheader when making requests to the Tracker API. The OAuth token grants the same permissions as those of the user account in Tracker. For example, if the user is not allowed to change queue settings, API requests to change queue settings will not be available using this token. -
To check if you have access to the API, request information about the current user.
If no access permission is granted, you will get a response with the
401 Unauthorizedcode.
Access the API with an IAM token
An IAM token is a unique sequence of characters issued to a user after authentication. The user needs this token for authorization in the Yandex Tracker API and to access resources. Read more about this authentication method in the documentation of the identification and access control service.
Note
The IAM token is valid for no more than 12 hours and is limited by the cookie lifetime for the federation. After the lifetime expires, the 401 Unauthorized error is returned.
Python client
When developing applications in Python, you can use the yandex_tracker_client package, a client that makes it easier to work with Tracker API.
To start using the client:
-
Download and install the latest Python version from https://www.python.org/downloads/.
-
From your OS command line, run:
pip install yandex_tracker_client -
Get an OAuth token and your organization ID to access the API.
To find out the organization ID, go to the Tracker settings page. The ID is shown in Organization ID for API.
-
Initialize the client in your program code:
from yandex_tracker_client import TrackerClient client = TrackerClient(token=<OAuth_token>, org_id=<organization_ID>)Here,
<OAuth_token>is your OAuth token and<organization_ID>is your organization ID.
In the client, use the same data format as in the Tracker API.
For more information about how the client works and its terms of use, see its page on GitHub: https://github.com/yandex/yandex_tracker_client.