
Management Tokens are stack-specific, read-write tokens, used along with the Stack API key to make authorized Content Management API (CMA) requests. These tokens are not user-specific and can be used by anyone who has access to these tokens. They can be used to make the create, read, update, and delete requests on all modules of the stack. The stack owner or admin can create such tokens.
An ‘Authtoken’ is also a read-write token used to make authorized CMA requests, but it is a user-specific token. This means that your personal user details are attached to every API request that you make using the ‘Authtoken’. So, if a person were to obtain access to your Authtoken, and knows the Stack API key, this person would be able to make API requests that appeared to be coming from you.
Management Tokens, on the other hand, are stack-level tokens, with no users attached to them. They can do everything that Authtokens can do. Since they are not personal tokens, no role-specific permissions are applicable to them. It is recommended to use these tokens for automation scripts, third-party app integrations, and for Single Sign On (SSO)-enabled organizations.
About Contentstack
The Contentstack team comprises highly skilled professionals specializing in product marketing, customer acquisition and retention, and digital marketing strategy. With extensive experience holding senior positions in notable technology companies across various sectors, they bring diverse backgrounds and deep industry knowledge to deliver impactful solutions.
Contentstack stands out in the composable DXP and Headless CMS markets with an impressive track record of 87 G2 user awards, 6 analyst recognitions, and 3 industry accolades, showcasing its robust market presence and user satisfaction.
Check out our case studies to see why industry-leading companies trust Contentstack.
Experience the power of Contentstack's award-winning platform by scheduling a demo, starting a free trial, or joining a small group demo today.
Follow Contentstack on Linkedin

