Service token

  • All API requests must be authenticated using a service token or an API key.
  • Service token is the most secure way, using a secret token that is completely encoded during transmission.

When to use a service token

Service tokens are ideal for use in desktop, server, or mobile applications. They add a digital signature to each request, so it’s impossible to steal the credentials during transmission. The secret token provided as part of your credentials is much more secure and prevents misuse. It is designed for internal use in companies to manage MapTiler account.

If you want to add new tilesets, update them, change their metadata, or delete them, read Managing maps using the Service API.

Do not use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications). Keep this token private – treat it the same way as you would a password.

If your source code is visible, use API key instead.

Get your service token

To create a service token, go to your MapTiler account, page Credentials. Create New Credential and copy the token. It will look like this:

Token cd43c591d8404400a11e2fre48afedc9_f80f4be2adf86dfb6bc489229669877d6cfcad293f48ffe6e77898f25ab65607

To learn how to use the token, go to how to securely sign requests to MapTiler API.

On this page

    Was this helpful?