Developer's reference guide

Authentication

To use the Yandex.Metrica API, you must get an access token from the Yandex OAuth server. The token must be sent with all requests that require authentication. If an API method is invoked without authentication, or the request includes an invalid token, the Yandex.Metrica server returns the HTTP status 401 Unauthorized.

Note. 

You can debug GET methods in a browser without a token. To do this, you must sign in via Yandex.Passport.

Access tokens can have different levels of access, which are assigned when tokens are issued and cannot be changed later. The access levels are:

  • “Read only” — Allows you to call methods that return information about objects, such as statistics or counter parameters.
  • “Edit” — Allows you to call any API methods, including those for creating and deleting objects and modifying object parameters.

When using a “Read-only” token to invoke a method that modifies data, the response returned is the HTTP status 403 Forbidden.

For more information about authentication and authorization, read the document OAuth authentication. Developer's guide. This document also provides recommendations for client application developers.

How to get a token for application development and debugging is described in the section Debugging token.

oauth.yandex.com access token token