Overview of Tokens
Contentstack provides Content Delivery and Content Management APIs to retrieve and/or manage the content of your Contentstack account and different types of tokens are needed to authorize these API calls.
Additional Resource: Here's the section that discusses the different types of tokens to help you understand which token will work for you.
For Content Delivery APIs, you need to authenticate your request with a Delivery Token that has been assigned to a specific publishing environment. And, to make authorized Content Management API requests, you need to use the stack API Key along with either an authtoken or a Management Token.
- For API Key and Authtoken-based authentication:
- Pass the stack’s API key against the api_key parameter as header
- Pass the user Authtoken against the authtoken parameter as header
- For API Key and Management Token-based authentication:
- Pass the stack’s API key against the api_key parameter as header
- Pass the user Management Token value against the authorization parameter as header
Note: Management tokens cannot be used for the following modules: organization, stack, user session, and tokens.