Set up an authorization server

Make sure that the authorization server meets the Yango Dialogs requirements:

  • Runs according to RFC.
  • Processes required parameters, authenticates users, and generates an authorization code.
  • When the user is authenticated on the authorization server, the server redirects the OAuth app (the  Yango Play app) to social.yango.com/broker/redirect (redirection endpoint). In the request parameters, the server passes an authorization code and other parameters.
  • The URL used to get the token can identify the OAuth application and generate an OAuth token (optionally also a refresh token) for the authorization code passed.

    The maximum response length is 5000 characters, and the maximum length of the OAuth token or refresh token is 2048 characters. The token lifetime (the expires_in property) must be an integer between 1 and 4,294,967,296.

Instead of your own authorization server, you can use the Yango ID to authenticate Yango users.