All API requests must be authorized using a Token or an API Key.

Using a token is the most secure way, adding a digital signature that is completely encoded during transmission.

Read about Token Auth authentication.


An API key is a token that you provide when making API calls. Include the token in a query parameter called key.

Example: ?key=123

Use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications).

Your MapTiler account API key is on your MapTiler Cloud account page or Get your FREE API key in the MapTiler Cloud.

We recommend reading the article How to protect your map key to protect your account and data.