Developer Access

Access to Yahoo’s Mail services is one of the top requests we receive from the application developer community. We welcome interesting ideas and products which aim at elevating the email experience for our customers.

Developer Access

Access to Yahoo’s Mail services is one of the top requests we receive from the application developer community. We welcome interesting ideas and products which aim at elevating the email experience for our customers.

Access Request

Access to Yahoo’s Mail services is one of the top requests we receive from the application developer community. Click here to learn more.

Access Request

Access to Yahoo’s Mail services is one of the top requests we receive from the application developer community. Click here to learn more.

How to request access

Access to Yahoo’s Mail services is one of the top requests we receive from the application developer community. We welcome interesting ideas and products which aim at elevating the email experience for our customers.

While we no longer support proprietary Mail API’s we are happy to provide access through standard interfaces such as IMAP, CardDav, and CalDav with Oauth2 support, subject to our policies including the restrictions in this document.

To protect the security and privacy of our users, those scopes are not available for self-served setup in the developer console.

Instead, third parties providing applications or services which require access to our consumers’ data on their behalf have to apply for access and provide evidence that they are honoring our policies and guidelines.

Developers can request commercial access to IMAP, CalDav, and CardDav for AOL, Yahoo and Verizon.net email consumers by filling out this form. Developers can also reach out to mail-api@yahooinc.com for any questions.

Please be sure you read and understood our policy before reaching out.

Our Policy

Access to restricted scopes is governed by our policy. Developers must meet our security and privacy requirements to be accepted into the program.

Our Policy

Access to restricted scopes is governed by our policy. Developers must meet our security and privacy requirements to be accepted into the program.

Our policy details

Developers must be honest and accurate in their request and description of their application or service they are requesting access for. Developers need to provide clear information about the identity of the application or service and the requestor. Developers must accurately and thoroughly describe their application and services and how they will use and control data obtained through our APIs.

Use of APIs
Developers may only use the approved APIs to provide services directly to our customers. Developers are not allowed to build services on top of our APIs which are intended to re-create the functionality those APIs provide and offer them for use by other non-approved third parties.

Use of Data
Developers may only use the data available through our APIs to provide relevant, user-facing functionality aimed at improving or augmenting the email, calendar and contact experience through the approved application. For example, using the data for the user-facing functionality to provide consumer benefits of flight or expense tracking is permitted. Developers may not transfer or sell the data to other third parties. In addition, the data may not be used to create audience or user targeting segments for advertising, profiling for content personalization, monetization, or email engagement tracking purposes or for other purposes not directly related to the user-facing functionality. Sharing data with third parties to provide the user facing functionality or sharing data created by such functionality with third parties for consumer research or other reasons is not permitted.

Developers Privacy Policy and Disclosures
Developers’ privacy and security policies and all related in-product notifications need to be easily accessible to the user and accurate. Developers’ policies must disclose all manners in which the application or service is collecting and using data received from Yahoo, what data is collected and used and how users can control that access. In addition developers must comply with all applicable laws and regulations.

Developers’ application must be honest and transparent with users and provide the exact purpose for requiring access to Yahoo mail data. The application or service must notify users and collect consent for each use case requiring access.

Security
Developers are required to demonstrate that their application and services meet minimum security standards to mitigate the risk of data breach and ensure the secure handling and storage of data obtained through Yahoo’s APIs.

Enforcement
Developers agree to use our APIs in accordance with our APIs Terms of Use and any additional terms that we require Developers agree to in order to access our APIs. If a Developer is found not to be in compliance with any of the foregoing terms, this policy, or any other Yahoo policy that is applicable to the APIs, without limiting any other remedies Yahoo may have, Yahoo may revoke or suspend the Developer’s access to the APIs and other Yahoo products and services.

Unless otherwise prohibited, Yahoo reserves the right to revoke access to the APIs at any time and to impose rate limiting if appropriate or necessary.

OAuth2 Guidelines

For details on how to use and integrate with our Oauth2 implementation, please refer to our guidelines and documentation.

Learn more

OAuth2 Guidelines

For details on how to use and integrate with our Oauth2 implementation, please refer to our guidelines and documentation.

IMAP/SMTP Documentation

Learn more about how to interact with our IMAP & SMTP servers via Oauth2, supported scopes as well as mail, contacts & calendar endpoints.

Learn more

IMAP/SMTP Documentation

Learn more about how to interact with our IMAP & SMTP servers via Oauth2, supported scopes as well as mail, contacts & calendar endpoints.