nikitoktok/oauth2-yandex-id

Yandex ID provider for the PHP League OAuth2 Client

Maintainers

Package info

github.com/Nikitoktok/yandex-oauth2-client

pkg:composer/nikitoktok/oauth2-yandex-id

Statistics

Installs: 41

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v1.1.0 2026-02-03 19:29 UTC

Requires

MIT 3efdf0f10d7bc5a5ec8f5ffdfff6bf42e4920fc6

oauth2yandexleagueyandex-id

This package is auto-updated.

Last update: 2026-03-31 19:46:12 UTC

README

Yandex ID provider for league/oauth2-client.

Installation

composer require nikitoktok/oauth2-yandex-id

Usage (Authorization Code)

<?php

use Nikitoktok\Provider\Yandex;

$provider = new Yandex([
    'clientId' => 'your-client-id',
    'clientSecret' => 'your-client-secret',
    'redirectUri' => 'https://example.com/oauth/callback',
    // Optional: override base URLs
    // 'baseUrl' => 'https://oauth.yandex.com',
    // 'resourceOwnerUrl' => 'https://login.yandex.ru/info',
    // Or use snake_case aliases:
    // 'base_url' => 'https://oauth.yandex.com',
    // 'resource_owner_url' => 'https://login.yandex.ru/info',
]);

$authorizationUrl = $provider->getAuthorizationUrl([
    // Example scopes:
    // 'scope' => ['login:info', 'login:email', 'login:avatar'],
]);

$state = $provider->getState();
// Store $state in session and redirect to $authorizationUrl

After redirect:

<?php

use League\OAuth2\Client\Provider\Exception\IdentityProviderException;

// $_GET['state'] must match the stored $state
// $_GET['code'] is returned by Yandex

try {
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
    ]);

    $resourceOwner = $provider->getResourceOwner($accessToken);

    $yandexId = $resourceOwner->getId();
    $email = $resourceOwner->getEmail();
    $avatarUrl = $resourceOwner->getAvatarUrl();
} catch (IdentityProviderException $e) {
    // Error while fetching token or user info
}

Endpoints

  • Authorization URL: https://oauth.yandex.com/authorize
  • Token URL: https://oauth.yandex.com/token
  • User info: https://login.yandex.ru/info?format=json

Notes

  • User info requests are sent with the Authorization: OAuth <token> header (the recommended method by Yandex).

Scopes / permissions

Yandex ID uses permissions (scopes) configured for the OAuth app. Typical scopes seen in examples: login:info, login:email, login:avatar. Verify the available permissions for your app in the Yandex console.

ResourceOwner helpers

  • getId()
  • getLogin()
  • getDisplayName()
  • getFirstName() / getLastName() / getRealName()
  • getEmail() / getEmails()
  • getGender() / getBirthday()
  • getDefaultPhone()
  • getAvatarId() / getAvatarUrl() / isAvatarEmpty()
  • getPsuid()
  • toArray()

License

MIT