Overview of Tokens
Contentstack provides the Content Delivery API and Content Management API to retrieve and manage the content of your Contentstack account. Different types of tokens are required to authorize these API calls.
Additional Resource: Here's the section that discusses the different types of tokens to help you understand which token will work for you.
For Content Delivery APIs, you need to authenticate your request with a Delivery Token that has been assigned to a specific publishing environment. And, to make authorized Content Management API requests, you need to use the stack API Key along with either an authtoken or a Management Token.
- For API Key and Authtoken-based authentication:
- Pass the stack’s API key against the api_key parameter as header
- Pass the user Authtoken against the authtoken parameter as header
- For API Key and Management Token-based authentication:
- Pass the stack’s API key against the api_key parameter as header
- Pass the user Management Token value against the authorization parameter as header
Note: The Management token is a stack-level token that can only be used within the stack in which it was created. It cannot be used for other products or Content Management API (CMA) modules such as organization, stack, user session, and tokens.