Overview of Tokens
A token is a unique, encoded string issued to authorize users or systems when accessing APIs.
Contentstack uses token-based authentication to ensure secure access and operations on your account. You can create, update, delete, and fetch content using tokens. The type of token required depends on the API you're working with.
Content Delivery API Authentication
You need a Delivery Token to authenticate the Content Delivery API request. This token is environment-specific, so you must assign it to a publishing environment from which you want to retrieve content.
Content Management API Authentication
You can authenticate requests to the Content Management API using one of the following methods:
Method 1: API Key + Authtoken
Use the following parameters in your request headers:
- api_key: The stack’s API Key.
- authtoken: The user’s Authtoken.
Method 2: API Key + Management Token
Use the following parameters in your request headers:
- api_key: The stack’s API Key.
- authorization: The Management Token value.
Note: Management Tokens are restricted to the stack in which they were generated. They cannot be shared across other stacks or used with unrelated Content Management API modules such as organization management, user sessions, or token generation.
More articles in "About Tokens"