Authentication methods

All requests to the CARTO APIs (and therefore all developments using CARTO) must be authenticated. When starting a project or building an application, we recommend choosing one between these three strategies:

Authentication via API Access Tokens: These types of permanent tokens are simple, easy to generate, restrictive, and not tied to specific users. You can use them directly to authenticate your requests. .
Authentication via Single Page OAuth Client: Authenticate each user separately by presenting them a login where they need to introduce their CARTO credentials — or their SSO credentials if configured. Once set up, your app will obtain and use for each user independently. .
Authentication via Machine-to-Machine OAuth Client: Obtain an on demand (using a backend application) without the user having to log in and use it to authenticate all your requests. .

PreviousLibraries and APIs NextAPI Access Tokens

Last updated 11 months ago

Was this helpful?