We are excited to announce the release of version 2.0.0 of the @canva/user capability. This update includes the ability to authorize apps with your backend using OAuth 2 with the Authorization Code grant type.
Using the new OAuth API
- Configure your oauth client id, secret, redirect URL etc in your app’s configuration.
- Import
oauthfrom the @canva/user package:import { auth } from '@canva/user'; - Call initOAuth
const oauth = auth.initOauth(); const response = await oauth.requestAuthorization(); - Call getAccessToken
const accessTokenResponse = await oauth.getAccessToken(); - Use the accessToken
const response = await fetch( `${BACKEND_HOST}/path`, { headers: { Authorization: `Bearer ${accessTokenResponse.accessToken}`, }, }, );
Upgrading to v2.0.0
Simply run the following command in your project directory:
npm install @canva/user@latest
More details
For more information on how to use OAuth in the Apps SDK, visit the OAuth integration docs and the initOauth API reference.
Manual auth
Manual authentication using requestAuthentication is now deprecated. For new apps you’ll need to use the latest versions of the npm packages (>2.0.0) and implement OAuth 2 in your backend in order to enable app authorization.