• All API requests must be authorized using Service Token or an API Key.
  • Using Service Token is the most secure way, adding secret token that is completely encoded during transmission.

If you have to use an API Key then continue reading this page.

The API key must be used for reading and it prohibited for use on the backend!


An API key is a unique identifier that you provide when making API calls. You include this identifier in a query parameter called key.

Example: ?key=123

Use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications).

Your MapTiler account API key is on your MapTiler Cloud account page or Get your FREE API key in the MapTiler Cloud.

We recommend reading the article How to protect your map key to protect your account and data.

If your source code is not going to be visible then we highly recommend you use the more secure Service Credentials and Service Token authentication.