API reference for the auth.requestAuthentication method.

Starts an authentication flow.

To learn more, see Authenticating users.

import { auth } from "@canva/user";
(async () => {
const response = await auth.requestAuthentication();
switch (response.status) {
console.log("The authentication was successful.");
case "ABORTED":
console.log("The user exited the authentication flow.");
case "DENIED":
console.log("The user didn't have the required permissions.");

The options for customizing the authentication flow.


A string that's appended to the app's Redirect URL at the start of an authentication flow.

The value of the context parameter must not:

  • Exceed 32 characters
  • Contain sensitive information, such as user data, tokens, or secrets
  • Contain anything not strictly relevant to the authentication flow

A Promise that resolves with the following object:


The result of the authentication flow.


A value that identifies if the authentication flow was successful or not.

This property may contain any of the following values:

  • "COMPLETED" - The user successfully authenticated.
  • "ABORTED" - The user exited the authentication flow.
  • "DENIED" - The user didn't have the required permissions.
Sometimes required

An array of error codes provided by the app. The app can provide these error codes when redirecting the user back to Canva at the end of an authentication flow.