GET /apps/configured

API reference for the "/apps/configured" endpoint.

When a user reaches the end of an authentication flow, an app must perform a 302 redirect to the following URL:
https://www.canva.com/apps/configured
This redirect:
Closes the authentication pop-up window.
Reloads the app (or displays an error, if the authentication is unsuccessful).
Protects the app against cross-site request forgery (CSRF) attacks.
The app must also append the required query parameters.
To learn more, refer to Authentication.
For guidelines on creating a delightful authentication flow, see Optimizing the authentication flow.
If you're creating an app via canva.cn, redirect users to the canva.cn domain instead of canva.com.
Request
Endpoint
GET https://www.canva.com/apps/configured
Query
Properties
Property
Type
Required
Description
state
string
Yes
A token that Canva provides to the app at the start of the authentication flow. The app must return this token to Canva at the end of the authentication flow. This protects the app against Cross-Site Request Forgery (CSRF) attacks.
success
boolean
Yes
If true, Canva closes the authentication pop-up window and reloads the app. If false, Canva closes the authentication pop-up window and displays an error.
Example
https://www.canva.com/apps/configured?success=true&state=<state>

Property	Type	Required	Description
`state`	string	Yes	A token that Canva provides to the app at the start of the authentication flow. The app must return this token to Canva at the end of the authentication flow. This protects the app against Cross-Site Request Forgery (CSRF) attacks.
`success`	boolean	Yes	If `true`, Canva closes the authentication pop-up window and reloads the app. If `false`, Canva closes the authentication pop-up window and displays an error.

Server API - Previous

Overview

Next - Server API

POST /configuration

Last modified 8mo ago