Web services
Mapbox web services accept GET requests and support both HTTP and HTTPS.
If there is an error processing the request the API will respond with an appropriate HTTP error code.
The body of an error response will be text (not JSON) which describes the error.
Access Tokens
Access to Mapbox web services requires an access token. The access token is used to associate requests to
API resources with your account. Supply the access token using an access_token query parameter:
https://api.tiles.mapbox.com/v4/{resource}.json?access_token=<your access token here>
There are two types of access tokens:
- Public access tokens should be used in situations where they can be easily rotated, like scripts on a web page.
- Secret access tokens should be used in places where it is more difficult to rotate, like mobile apps which require an approval process.
Versions
The current version of the Mapbox web services is v4. The base URL is:
https://api.tiles.mapbox.com/v4
Attributes may be added to returned JSON objects without changing the version number. If any attributes are removed or any breaking changes made to the URL schema the version will be incremented. For documentation for previous versions, see here.
SSL
All API endpoint URLs support both http and https schemes.
URI References in TileJSON response bodies default to HTTP regardless of the protocol used in the request.
Include the ?secure querystring in the request to have resources in the response reference HTTPS endpoints.
https://api.tiles.mapbox.com/v4/{resource}.json?secure=1
CORS
Mapbox web services support cross-origin requests with no domain restrictions. To make client-side requests to Mapbox web services, use standard XMLHttpRequests with CORS. To support Internet Explorer 8 and 9, use a library that falls back to XDomainRequest like corslite.