• All API requests must be authorized using Service Token or an API Key.
  • Using Service Token is the most secure way, adding secret token that is completely encoded during transmission.

Service Token

When to use Service Token for MapTiler Cloud

Service Token are ideal for use in desktop, server or mobile applications, adding a digital signature to each request. This makes it impossible to steal the credentials during transmission. The secret token provided as part of your credentials is much more secure and prevents their misuse. It is designed for internal use in companies to interact with MapTiler Cloud account.

If you want to add new tilesets, update them, change their metadata, or delete them, read Managing maps using the Admin API

DO NOT use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications). Keep this token private – treat it the same way as you would a password.

If your source code is visible then use API Key authentication.

How to use Service Token

You can create Service Token on your MapTiler Cloud account page, in the Credentials section. Create a New Credential and then copy the Token button to get started.

For more information, read this guide to using securely signed requests to the MapTiler Cloud API

Example Token:

Token cd43c591d8404400a11e2fre48afedc9_f80f4be2adf86dfb6bc489229669877d6cfcad293f48ffe6e77898f25ab65607

Don’t forget to set the Authorization header in the form of Token {YOUR_TOKEN}, so we know it’s you making the requests.