Canva Developers logo
Authentication
Getting started
Authentication

getCanvaUserToken

API reference for the getCanvaUserToken function.

Retrieves a JSON Web Token (JWT) for the current user. For the sake of security, include this JWT in the Authorization header of any HTTP request sent to the app's backend. The backend must only accept the request if the JWT is valid.

To learn more, see Sending HTTP requests.

Usage

import { getAuthentication } from "@canva/authentication";


(async () => {
  const authentication = getAuthentication();
  const token = await authentication.getCanvaUserToken();


  const response = await fetch("https://example.com/my/api/endpoint", {
    method: "POST",
    headers: {
      Authorization: `Bearer ${token}`,
    },
  });


  const result = await response.json();
  console.log(result);
})();

Returns

Returns a JSON Web Token as a string.

You can access information about the user, such as their ID, by decoding the string into an object. We recommend using a library to decode the object, such as jsonwebtoken.

The decoded object contains the following properties:

#audstring
Required

The ID of the app.

#userIdstring
Required

The ID of the user.

#brandIdstring
Required

The ID of the user's team.