All Admin API requests must be authorized using a Token.

Tokens are ideal for use in desktop or mobile applications, adding a digital signature to each request. This makes it impossible to steal the credentials during transmission. Token authorization provides much better security and prevents credentials misuse.

DO NOT use this type of authorization in environments where the source code of your application is visible to the potential attacker (such as client-side web applications). Keep this token private – treat it the same way as you would a password.

How to use Token Authorization

Your MapTiler token is available in your MapTiler Server, in the Credentials Settings section.

For more information, read this guide to using secure authentication for MapTiler Server API.

Example Token:

Token cd43c591d8404400a11e2fre48afedc9_f80f4be2adf86dfb6bc489229669877d6cfcad293f48ffe6e77898f25ab65607

Don’t forget to set the Authorization header in the form of Token {YOUR_TOKEN}, so we know it’s you making the requests.