Canva · OAuth Scopes

Canva OAuth Scopes

OAuth 2.0 derived

Canva publishes 11 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Canva API on a user’s behalf.

Tokens are issued from https://api.canva.com/rest/v1/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

AppsAutomationBrand ManagementCollaborationDesignGraphicsMarketingPrintTemplatesVisual Content
Scopes: 11 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://www.canva.com/api/oauth/authorize
Token URL
https://api.canva.com/rest/v1/oauth/token
Flows
authorizationCode

Scopes (11)

ScopeDescriptionFlows
asset:read Read asset metadata authorizationCode
asset:write Upload and delete assets authorizationCode
brandtemplate:content:read Read brand template content and datasets authorizationCode
brandtemplate:meta:read Read brand template metadata authorizationCode
comment:read Read comments on designs authorizationCode
comment:write Create and manage comments authorizationCode
design:content:read Read design content authorizationCode
design:content:write Create and modify designs authorizationCode
design:meta:read Read design metadata authorizationCode
folder:read Read folder metadata and contents authorizationCode
folder:write Modify folder contents authorizationCode

Source

OAuth Scopes

canva-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/canva-connect-api-openapi.yml
schemes:
- name: oauth2
  source: openapi/canva-connect-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://www.canva.com/api/oauth/authorize
    tokenUrl: https://api.canva.com/rest/v1/oauth/token
  description: Canva uses OAuth 2.0 with authorization code flow. Access tokens must be included
    in the Authorization header as a Bearer token.
scopes:
- scope: asset:read
  description: Read asset metadata
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: asset:write
  description: Upload and delete assets
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: brandtemplate:content:read
  description: Read brand template content and datasets
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: brandtemplate:meta:read
  description: Read brand template metadata
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: comment:read
  description: Read comments on designs
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: comment:write
  description: Create and manage comments
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: design:content:read
  description: Read design content
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: design:content:write
  description: Create and modify designs
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: design:meta:read
  description: Read design metadata
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: folder:read
  description: Read folder metadata and contents
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml
- scope: folder:write
  description: Modify folder contents
  flows:
  - authorizationCode
  sources:
  - openapi/canva-connect-api-openapi.yml