Identity and Access Management API, REST: IamToken.Create

Written by

Updated at May 27, 2026

HTTP request
Body parameters
Response

Create an IAM token for the specified identity.

HTTP request

POST https://iam.api.cloud.yandex.net/iam/v1/tokens

Body parameters

{
  // Includes only one of the fields `yandexPassportOauthToken`, `jwt`
  "yandexPassportOauthToken": "string",
  "jwt": "string"
  // end of the list of possible fields
}

Field

Description

yandexPassportOauthToken

string

OAuth token for a Yandex account.
For more information, see OAuth token.

The maximum string length in characters is 4000.

Includes only one of the fields yandexPassportOauthToken, jwt.

jwt

string

JSON Web Token (JWT) for a service account.
For more information, see Get IAM token for a service account.

The maximum string length in characters is 8000.

Includes only one of the fields yandexPassportOauthToken, jwt.

Response

HTTP Code: 200 - OK

{
  "iamToken": "string",
  "expiresAt": "string"
}

Field

Description

iamToken

string

IAM token for the specified identity.
You should pass the token in the Authorization header for any further API requests.
For example, Authorization: Bearer iamToken``.

expiresAt

string (date-time)

IAM token expiration time.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

Identity and Access Management API, REST: IamToken.Create

HTTP requestHTTP request

Body parametersBody parameters

ResponseResponse

Was the article helpful?

HTTP request

Body parameters

Response