Note: when your RAG pipeline requires a local LLM and data absolutely cannot leave Russia, GigaChat from Sber becomes the only choice. Integrating GigaChat API via OAuth 2.0 and GigaChain is the standard path for production in government and finance. We have faced this in projects for contact centers, CRM, and chatbots. This article covers how to connect GigaChat correctly, without 'surprises' with tokens and certificates. GigaChat API integration includes setting up OAuth 2.0, selecting the right model, and ensuring stable production operation. Based on our experience, implementing GigaChat reduces operational costs for client support by 30–50% by automating typical requests.
Why GigaChat for Russian B2B?
GigaChat is the only major LLM physically located in Russia and compliant with 152-FZ on personal data. For banks, insurance, and government sectors, this is critical. Additionally, GigaChat supports multimodal requests (text + images) and integrates easily with LangChain via GigaChain, accelerating AI assistant development. As stated in Sber documentation, OAuth 2.0 requires a unique RqUID for each request.
Problems We Solve
OAuth 2.0 and Token Management. Sber uses a custom OAuth implementation: access_token lives for 30 minutes, requires a unique RqUID and Basic authorization. Without automatic refresh in production, the client gets a 401 error every half hour. We solve this with a caching client that refreshes with a 5-minute buffer.
Model Selection. The base GigaChat (8k context) works for tests, but real tasks need GigaChat-Plus (12k) or Pro (16k). On financial queries, GigaChat-Pro is 30% more accurate than base. For long dialogues and RAG, GigaChat-Max with a 32k token window—4x larger than base—handles complex contexts.
Latency and Reliability. In production, p99 latency (target < 2 sec) and network error handling matter. We implement retry logic with exponential backoff and monitor CPU/GPU utilization.
How We Integrate GigaChat API End-to-End
Let's walk through a typical project: a bank chatbot answering client questions.
Getting Access
# 1. Register at developers.sber.ru
# 2. Create a project and get client_id / client_secret
# 3. OAuth 2.0 authorization to get access_token
import requests
import base64
import uuid
CLIENT_ID = "your-client-id"
CLIENT_SECRET = "your-client-secret"
SCOPE = "GIGACHAT_API_PERS" # For individuals
# GIGACHAT_API_B2B for business
# GIGACHAT_API_CORP for corporate
def get_access_token() -> str:
credentials = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
response = requests.post(
"https://ngw.devices.sberbank.ru:9443/api/v2/oauth",
headers={
"Authorization": f"Basic {credentials}",
"RqUID": str(uuid.uuid4()),
"Content-Type": "application/x-www-form-urlencoded",
},
data={"scope": SCOPE},
verify=False, # Sber's self-signed certificate
)
return response.json()["access_token"]
Making a Basic Request
After getting the token, send a request to chat/completions. The token only lives 30 minutes, so automatic refresh is mandatory. Below is a client with token caching.
def gigachat_chat(prompt: str, access_token: str) -> str:
response = requests.post(
"https://gigachat.devices.sberbank.ru/api/v1/chat/completions",
headers={"Authorization": f"Bearer {access_token}"},
json={
"model": "GigaChat",
"messages": [{"role": "user", "content": prompt}],
"temperature": 0.1,
"max_tokens": 1024,
},
verify=False,
)
return response.json()["choices"][0]["message"]["content"]
# With token caching
from datetime import datetime, timedelta
class GigaChatClient:
def __init__(self, client_id: str, client_secret: str):
self.client_id = client_id
self.client_secret = client_secret
self._token = None
self._token_expires = None
def _ensure_token(self):
if not self._token or datetime.now() >= self._token_expires:
self._token = get_access_token()
self._token_expires = datetime.now() + timedelta(minutes=25) # 5-minute buffer
def chat(self, messages: list[dict], model: str = "GigaChat") -> str:
self._ensure_token()
response = requests.post(
"https://gigachat.devices.sberbank.ru/api/v1/chat/completions",
headers={"Authorization": f"Bearer {self._token}"},
json={"model": model, "messages": messages, "temperature": 0.1},
verify=False,
)
return response.json()["choices"][0]["message"]["content"]
GigaChain — LangChain for GigaChat
from langchain_community.chat_models import GigaChat
from langchain_core.messages import HumanMessage, SystemMessage
chat = GigaChat(
credentials="Base64(client_id:client_secret)",
scope="GIGACHAT_API_PERS",
model="GigaChat",
verify_ssl_certs=False,
streaming=False,
)
response = chat.invoke([
SystemMessage(content="You are a financial consultant"),
HumanMessage(content="Explain the key rate of the Central Bank of Russia"),
])
print(response.content)
GigaChat Models: Which to Choose for the Task
| Model | Description | When to Choose |
|---|---|---|
| GigaChat | Base, context window 8k tokens | Simple chatbots, testing |
| GigaChat-Plus | Improved accuracy and speed, 12k tokens | CRM, contact centers |
| GigaChat-Pro | Maximum quality, 16k tokens | Analytics, report generation |
| GigaChat-Max | Flagship, context window 32k tokens | Full AI assistants, RAG |
In our A/B tests on financial tasks, GigaChat-Pro shows 30% higher accuracy than the base model. For most production scenarios, GigaChat-Plus suffices. For long dialogues or document processing, use GigaChat-Max.
Case Study: Bank Contact Center
A bank contact center used GigaChat for automated answers to client questions about products. The main requirement was data localization per 152-FZ. We integrated GigaChat with the internal CRM via REST API, set up token caching and retry logic. Result: response time dropped by 40%, operator load by 60%. Average cost per inquiry fell from 200 to 100 rubles. The investment paid back in 6 months. The system processed about 5000 requests daily with 92% answer accuracy.
Project Work Process
| Stage | Duration | What We Do |
|---|---|---|
| Analysis | 1-2 days | Identify use cases, load (RPS, tokens per minute) |
| Design | 1-2 days | Select model, set up OAuth, design flow (with or without RAG) |
| Implementation | 3-5 days | Write integration code, wrappers, tests (unit + integration) |
| Testing | 1-2 days | Check p99 latency (target < 2 sec), response correctness, edge cases |
| Deployment | 1 day | Set up CI/CD, monitoring, alerting on auth errors |
Step-by-Step Integration Plan
- Register application on developers.sber.ru — get credentials.
- Set up OAuth with automatic token refresh (as in example above).
- Choose model — test GigaChat-Plus, Pro, or Max on your data.
- Develop a Python wrapper or use GigaChain.
- Integrate with business logic (CRM, chatbot, RAG).
- Load test — verify p99 latency and fault tolerance.
- Deploy and monitor — configure alerts on auth errors and response time exceedances.
Deployment with Docker
For fast deployment, containerize. Example Dockerfile:
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
CMD ["python", "app.py"]
Run: docker build -t gigachat-client . && docker run -d -p 8000:8000 gigachat-client
Estimated Timelines
- Access + basic integration: 2–3 days.
- GigaChain/LangChain integration: 1 week.
- Production with token refresh and retries: +2–3 days.
What Our Work Includes
Fixed scope: API documentation, OAuth with automatic refresh, Python wrappers (including GigaChain), test scenarios, deployment instructions, and one month of support. Training for your developers available on request.
Quality Guarantee
Our experience: over 10 projects with GigaChat and 5 years on the AI integration market. We use production-proven approaches: CPU/GPU monitoring, automatic token refresh, network error and certificate handling. Reference: OAuth 2.0 and LangChain.
If you have custom requirements, contact us for a free project assessment. Get a consultation — we'll help choose the optimal integration model for your business. Order an audit of your current solution — we'll propose a modernization plan within 2 days.







