Overview of Tokens

A token is a unique, encoded string issued to authorize users or systems when accessing APIs.

Contentstack uses token-based authentication to ensure secure access and operations on your account. You can create, update, delete, and fetch content using tokens. The type of token required depends on the API you're working with.

Content Delivery API Authentication

You need a Delivery Token to authenticate the Content Delivery API request. This token is environment-specific, so you must assign it to a publishing environment from which you want to retrieve content.

Content Management API Authentication

You can authenticate requests to the Content Management API using one of the following methods:

Method 1: API Key + Authtoken

Use the following parameters in your request headers:

• api_key: The stack’s API Key.
• authtoken: The user’s Authtoken.

Method 2: API Key + Management Token

Use the following parameters in your request headers:

• api_key: The stack’s API Key.
• authorization: The Management Token value.

Note: Management Tokens are restricted to the stack in which they were generated. They cannot be shared across other stacks or used with unrelated Content Management API modules such as organization management, user sessions, or token generation.