Secure your LocationIQ Maps deployment with Access tokens!

LocationIQ Maps access token

We would like to thank our users for the overwhelmingly positive response for our Maps API launch! We’ve received a ton of appreciation and feedback about our service. The appreciation helps us morally, and the feedback helps us set our goals for the future. 🙂

Thanks to that feedback; today, we’re launching an access-token system to address important security issues.

When you sign up for an account at LocationIQ, you get a private token sent to your mail. This is your key to the user dashboard and to our API. Our recent launch of Maps, had us looking at this system from a different perspective. Private tokens are just that; private, not to be shared or used in an application that is accessible the public. For deployments that require client-side requests, giving out a private token is risky – anyone out there can see and use it.

An access token solves this by giving a user the ability to:

  • use access tokens in multiple deployments and keep track of individual usage
  • use access tokens in public-facing deployments
  • create new access tokens and cycle through it to keep things secure
  • whitelist specific domains (coming soon)

LocationIQ private token vs access token

How to create an access token?

  1. Login to your user dashboard. (Link)
  2. Click on the ‘Account Details’ tab
  3. Click on ‘Create Access Token’
  4. Fill in a desired label. (eg. iOS, Web app, Android app etc..)
  5. Click ‘Create’

We’ve also put up a quick 10 second guide below. (okay, its 12 seconds. 10 just sounds better)

 

Need info on best practices? Write to us at [email protected], or just leave us a message on our contact page.

Spread the love

Leave a Reply

Your email address will not be published. Required fields are marked *