BrightRoll DSP API supports the OAuth 2.0 protocol.

BrightRoll DSP API uses OAuth 2.0 as a simple and secure method for validation and access. The authorization model is open and based on existing standards, which ensure that secure credentials can be provisioned and verified by different software platforms.

To perform authentication, meet the prerequisites and follow the one-time OAuth setup process.

To initiate an API session, generate both of the following tokens:

Token Description
ACCESS_TOKEN A token that expires in one hour. Obtain a new token periodically in order to make successful API calls.
REFRESH_TOKEN A token that stays constant. Use the same refresh token every time you make API calls.


To access the BrightRoll DSP API:

  • External Users: You will need a valid e-mail address. BrightRoll DSP will send an invite e-mail to this address for on-boarding your account. If you already have access to the DSP UI, please DO NOT use the same e-mail address you use to login to the UI. For access to API (Reporting and Traffic), ask your Account Manager to: 1) register your e-mail address to your BrightRoll DSP seat, 2) enable the API access flag, 3) select OAUTH as the Auth Type.
  • Internal Yahoo Users: Obtain a valid e-mail address if you do not already have one. Ask Product Support to: 1) register the e-mail address to your BrightRoll DSP seat, 2) enable the API access flag, 3) select OAUTH as the Auth Type.


For internal Yahoo users, address will not work, you will need to create a new e-mail address.


The invite e-mail is valid for only 72 hours.

OAuth Setup

Perform the one-time OAuth setup process. You will use the OAuth token in all your subsequent requests.


If you are on the Yahoo corporate network, follow this procedure using an incognito browser window.

The OAuth setup process involves the following procedures, reviewed in detail below:

  • Sign up for the Yahoo Developer Network (YDN)
  • Create a YDN app

For detailed information on Yahoo’s implementation of the OAuth standard, see the documentation OAuth Authorization Model on the Yahoo! Developer Network.

Sign Up For YDN

  1. Navigate to
  2. Click the Sign In button.
  3. Sign into the Yahoo Developer Network using the e-mail credentials you created in the Prerequisites section above.


Be sure to sign up or sign in using a YDN account. Do not use a pre-existing Flurry account. Flurry apps cannot access Brightroll DSP data.

Create YDN App

Token Description
Application Name Choose a name you will remember.
Application Type Select Web Application.
Callback Domain (required) Although, the callback domain is not used in the API workflow, it is a mandatory field in this form. Set it to a domain to which you want the user to be re-directed in case of an API failure.
API Permissions Select Yahoo Gemini Advertising (Read/Write).

After you create the app, record the CLIENT_ID and CLIENT_SECRET displayed at the top of the page. The CLIENT_ID is also known as the Consumer Key.

Get Authorization Code

The final step in the one-time setup is to authorize access and get an autorization code which will be used later to generate the access token.

Send a request to the URL below, substituting CLIENT_ID with the Client ID you received after creating the YDN App.

This will give you an authorization code (look for the code parameter in the URL), which contains alphanumeric characters (for example k3bgqm3).

We will refer to this code as APPLICATION_ACCESS_CODE in subsequent documentation. Save this code.

This concludes the one-time setup process. Now you can proceed to Tokens page for documentation on how to generate the access token that you will use to make API calls.