Authorization API

Overview Wiki FAQ

To allow clients to securely authorize against CloudMade's servers, we offer a token based authorization method. Token based authorization is easy to implement and lets you and CloudMade accurately measure the number of users your application has and the volume of services they use.

From 1st February 2010 all new mobile applications must use token based authorization. All mobile applications must be fully migrated to token based authorization by 1st May 2010.

Using Token Authorization from a CloudMade Library¶

If you are using a CloudMade library or SDK like our iPhone SDK, you don't need to worry about token authorization as the SDK handles the process for you. To find out if the library or SDK you use supports token based authorization take a look at this list of supported libraries and SDKs.

Using Token Authorization without a CloudMade Library¶

If the library you are using does not support token based authorization you can still use tokens.

A token is a plain text string that is used to uniquely identify a client to CloudMade within particular APIKEY. They are globally unique and are issued to a client the first time they use CloudMade's services. Whenever the client uses any of CloudMade's services they must pass the same token in order to receive a valid response. Lets take a look at an example use.

1. Get a token¶

To get a token, use the HTTP method POST to send the following details:
http://auth.cloudmade.com/token/APIKEY?userid=UserID

APIKEY - is your API key
UserID - is a unique identifier for your user, for example a hash of your user's device unique identifier and your user's id

This will return a plain text token, like this one:
9d87ec0668bd45baafcdb7d725795d10

2. Use your token to access CloudMade's services¶

To access CloudMade's services, simply attach your token to any request for tiles, static maps, geocoding, local search, routing, NavEngine, Vector Stream Server or any other services. Like this:
http://b.tile.cloudmade.com/APIKEY/1/256/5/13/9.png?token=TOKEN

APIKEY - is your API key
TOKEN - is the token you received in step 1 above

3. Trouble Shooting¶

The auth server will return the following response codes:

200 text/plain Token
403 If API key is not found in store or you're using a web API key.
400 If userid parameter is not provided
500 If server is out of luck

Getting More Help¶

If you are still having problems, take a look at the Authorization Wiki and FAQ. If you are still having problems after than, contact our support team - support@cloudmade.com

Changes to Mobile Authorization

We've made some changes to the way mobile devices authorize against our API. Find out more here

Ready to Get started?

Get an API Key

Search for documentation, products and tutorials.

Members

Manager: Nick Black

License info

License