Please note the following recommendations when using OAuth authentication with Yahoo Messenger.
PLAINTEXTmethod of signature calculation so that value of timestamp parameter is ignored.
Authorizationheader. Credentials in the
POSTbody are not supported.
The OAuth credentials that must be passed into a Yahoo Messenger IM API request are as follows:
This is a constant string "
This is the API key (OAuth Consumer Key) that was generated by developer.yahoo.com.
This is a cryptographic nonce, a random number of your choosing. Once used, the number should not be used again.
The signature method used to cryptographically sign API requests, such as "
PLAINTEXT" or "
This is an integer timestamp, represented as the number of seconds since the epoch. Note that if your system presents its timestamps as milliseconds since epoch, you should divide that number by 1000.
This is the token that was returned by the previous PART exchange API call.
This is the constant string "1.0".
The Consumer Secret that was issued to the application. If you are using the
PLAINTEXT signature method, concatenate %26 at the end of the Consumer Secret, and then concatenate
oauth_token_secret from the previous call. For more information about signing requests, refer to Signing Requests at Yahoo!