Yandex 360 for Business DNS API was updated

dnsapi2.md

@@ -2198,13 +2198,19 @@ Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issu
 2. [Create an OAuth application at Yandex ID](https://oauth.yandex.ru/client/new).
 3. Choose "Web services" platform.
 4. Set Redirect URI to `https://oauth.yandex.ru/verification_code`.
-5. Select the "Manage DNS records" (directory:manage_dns) permission.
+5. Select the following permissions:
+    - "Manage DNS records" (directory:manage_dns)
+    - "Read organization data" (directory:read_organization) (optional if the user exports the YANDEX360_ORG_ID variable manually)
+    - "Read organization domain data" (directory:read_domains)
 6. Save the Client ID and Client Secret.
 
 ### b. Obtain Yandex 360 Organization ID:
 
+*This step is optional as the Organization ID can be obtained automatically. However, the user can specify it manually as described below.*
+
 1. After setting up the OAuth application, [visit Yandex 360 for Business Administration](https://admin.yandex.ru/).
-2. In the lower-left corner of the page, find and note the Organization ID.
+2. In the upper-left corner of the page, select the correct organization from the list if you have multiple organizations.
+3. In the lower-left corner of the page, find and note the Organization ID.
 
 ### c. Set up environment variables:
 
@@ -2217,7 +2223,7 @@ Export the following variables:
 ```
 export YANDEX360_CLIENT_ID="your_client_id"
 export YANDEX360_CLIENT_SECRET="your_client_secret"
-export YANDEX360_ORG_ID="your_organization_id"
+export YANDEX360_ORG_ID="your_organization_id"  # optional if directory:read_organization permission is granted
 ```
 
 #### ii. Manually obtained access token:
@@ -2231,7 +2237,7 @@ export YANDEX360_ORG_ID="your_organization_id"
 
 ```
 export YANDEX360_ACCESS_TOKEN="your_access_token"
-export YANDEX360_ORG_ID="your_organization_id"
+export YANDEX360_ORG_ID="your_organization_id"  # optional if directory:read_organization permission is granted
 ```
 
 ### d. Issue/renew certificate:
@@ -2242,7 +2248,7 @@ Use the `acme.sh` command with the `--dns dns_yandex360` parameter. For example:
 acme.sh --issue --dns dns_yandex360 --dnssleep 600 -d example.com -d *.example.com
 ```
 
-When using OAuth you will need to complete an one-time authorization procedure:
+When using OAuth you will need to complete a one-time authorization procedure:
 1. On first run, the script will initiate the device authorization process.
 2. You'll be prompted to visit a URL and enter a code for authorization.
 3. After successful authorization, the access token will be obtained automatically.
@@ -2253,6 +2259,7 @@ When using OAuth you will need to complete an one-time authorization procedure:
 - If you are using the manual token method, you will need to update `YANDEX360_ACCESS_TOKEN` manually due to the limited token lifespan.
 - Ensure you include the `--dnssleep` option with a value of at least 600 seconds (10 minutes) to account for the slow DNS record propagation on Yandex 360 DNS.
 - Whenever possible, use the OAuth method as it provides automatic token refresh and a higher level of security.
+- Yandex 360 Organization ID can be obtained automatically if the "Read organization data" (directory:read_organization) permission is granted. If not, you must export `YANDEX360_ORG_ID` variable manually.
 - [You can learn more about the Yandex 360 for Business DNS API access procedure here.](https://yandex.ru/dev/api360/doc/concepts/access.html)
 - [You can learn more about the OAuth device authorization flow here.](https://yandex.ru/dev/id/doc/ru/codes/screen-code-oauth)
 - [You can learn more about obtaining debug tokens here.](https://yandex.ru/dev/id/doc/ru/tokens/debug-token)