initDesignTokenVerifier
This API is a preview. Preview APIs are unstable and may change without warning. You can't release public apps using this API until it's stable.
Initializes a design token verifier with the given configuration.
Design tokens are JWTs that identify a specific Canva design. They are used to verify requests that need access to design-specific data.
The verifier caches JWKS public keys according to the configured cache settings. Create one verifier instance and reuse it for all verification requests.
Usage
Basic usage:
import { initDesignTokenVerifier } from '@canva/app-middleware';// Initialize once at app startupconst designTokenVerifier = initDesignTokenVerifier({appId: process.env.CANVA_APP_ID,});// Verify tokens per request inside a handlerconst payload = await designTokenVerifier.verify(token);console.log(payload.designId, payload.appId);
With custom options:
const designTokenVerifier = initDesignTokenVerifier({appId: process.env.CANVA_APP_ID,cacheMaxAgeMinutes: 30,timeoutMs: 10000,});
Parameters
optionsTokenVerifierOptionsConfiguration options for the verifier
appIdstringThe ID of the Canva app, obtained via the developer portal canva.com/developers.
cacheMaxAgeMinutesnumberThe maximum age of the JWKS cache in minutes.
Default value: 60
timeoutMsnumberThe timeout for the JWKS fetch in milliseconds.
Default value: 30000
baseUrlstringThe base URL for the JWKS endpoint.
Default value: "https://api.canva.com"
Returns
A configured verifier instance.
verifyfunctionVerifies a Canva design JWT token and returns the decoded payload.
Parameters
tokenstringThe JWT token to verify
Returns
The verified design token payload. This is a Promise that resolves with the following object:
appIdstringThe ID of the Canva app
designIdstringThe ID of the Canva design
Throws
When the token is malformed or has an invalid signature
Throws
When the token has expired