All API requests must be authorized using a Token or an API Key.

Using a token is the most secure way, adding a digital signature that is completely encoded during transmission.

Read about API Keys authentication.

Token Auth

When to use Token Authorization for MapTiler Cloud

Tokens are ideal for use in desktop or mobile applications, adding a digital signature to each request. This makes it impossible to steal the credentials during transmission. Token authorization provides much better security and prevents credentials misuse.

DO NOT use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications). Keep this token private – treat it the same way as you would a password.

How to use Token Authorisation

Your MapTiler token is available on your MapTiler Cloud account page, in the Credentials section. Get your Token in the MapTiler Cloud.

For more information, read this guide to using securely signed requests to the MapTiler Cloud API

Example Token:

Token cd43c591d8404400a11e2fre48afedc9_f80f4be2adf86dfb6bc489229669877d6cfcad293f48ffe6e77898f25ab65607

Don’t forget to set the Authorization header in the form of Token {YOUR_TOKEN}, so we know it’s you making the requests.