Skip navigation

Skip to main content

API reference
Intents: Asset
Intents: Content
Intents: design
App middleware: Express
API reference

tokenExtractors

API reference for the tokenExtractors method.

This API is a preview. Preview APIs are unstable and may change without warning. You can't release public apps using this API until it's stable.

Factory functions for extracting JWT tokens from various sources. Use these with the tokenExtractor option in user.verifyToken().

Methods

fromBearerAuthfunction
Required

Extracts a JWT token from the Authorization header using the Bearer scheme.

Returns

A token extractor function.

(req) => Promise<string> | string

Example

import { user, tokenExtractors } from "@canva/app-middleware/express";


app.use(
  "/api",
  user.verifyToken({
    appId: APP_ID,
    tokenExtractor: tokenExtractors.fromBearerAuth(),
  }),
);
TYPESCRIPT
fromQueryfunction
Required

Extracts a JWT token from a query string parameter.

Parameters

paramNamestring
Required

The name of the query parameter

Returns

A token extractor function.

(req) => Promise<string> | string

Example

import { user, tokenExtractors } from "@canva/app-middleware/express";


app.use(
  "/api",
  user.verifyToken({
    appId: APP_ID,
    tokenExtractor: tokenExtractors.fromQuery("canva_token"),
  }),
);
TYPESCRIPT
fromCookiefunction
Required

Extracts a JWT token from a cookie. Requires cookie-parser middleware or similar to parse cookies.

Parameters

cookieNamestring
Required

The name of the cookie

Returns

A token extractor function.

(req) => Promise<string> | string

Example

import cookieParser from "cookie-parser";
import { user, tokenExtractors } from "@canva/app-middleware/express";


app.use(cookieParser());
app.use(
  "/api",
  user.verifyToken({
    appId: APP_ID,
    tokenExtractor: tokenExtractors.fromCookie("canva_token"),
  }),
);
TS