Skip navigation
Skip to main content
General information
General information

Credentials overview

To set up the integration, partners need credentials.

There are two variations of these credentials:

  • Production
  • Test

You must use the production credentials for integrations running in a live environment. A live environment is where users can purchase prints of their designs. You can use the test credentials while developing an integration to avoid being charged for test purchases.

List of credentials

Partners need the following credentials:

Partner ID

A unique ID that identifies you as a print partner.

Partner API key

A public API key for initializing the Partnership SDK.

Partner API secret

A secret API key for generating an autoAuthToken.

Artwork API secret

A secret API key for purchasing the print-quality version of a user's artwork.

Request credentials

For security reasons, Canva sends credentials to partners via encrypted files. Canva creates the encrypted files using a public key that partners provide. Partners then decrypt the files using their private key.

To request credentials from Canva, see Request credentials.

Domain restrictions

By default, the API keys are locked to the following domains:

  • canva.com
  • localhost

If requests don't originate from these domains, Canva responds to requests with a 403 error.

To use the API keys from domains where you intend to deploy and test the integration, add the domains to Canva's allowlist.

Rotate credentials

For security reasons, Canva recommends rotating the credentials periodically.

Specifically, these:

  • Partner API key.
  • Partner API secret.
  • Artwork API secret.

The Partner ID doesn't change.

To rotate the credentials:

  1. Request new credentials from Canva. To raise a request, see Request credentials.
  2. Update the integration to use the new credentials.