The Yahoo! Messenger IM APIs support both
PLAINTEXT encryption methods. The following example shows an
GET request that retrieves a contact list using the Direct OAuth credentials.
Requests to Yahoo! APIs and Web services that require OAuth authorization must provide the OAuth credentials either via query
parameters or via an Authorization header. Credentials in the
POST body are not supported.
PLAINTEXT, the OAuth signature should be the Shared Secret key that was generated by developer.yahoo.com with an ampersand character '&' appended onto the end, followed by the
oauth_token_secret returned from the previous call. See here for more information.