canva-sdk-patterns
Apply production-ready Canva Connect API client patterns for TypeScript and Python. Use when building a reusable API client, implementing token refresh, or establishing team coding standards for Canva integrations. Trigger with phrases like "canva client patterns", "canva best practices", "canva code patterns", "canva API wrapper", "canva TypeScript client".
Best use case
canva-sdk-patterns is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Apply production-ready Canva Connect API client patterns for TypeScript and Python. Use when building a reusable API client, implementing token refresh, or establishing team coding standards for Canva integrations. Trigger with phrases like "canva client patterns", "canva best practices", "canva code patterns", "canva API wrapper", "canva TypeScript client".
Teams using canva-sdk-patterns should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/canva-sdk-patterns/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How canva-sdk-patterns Compares
| Feature / Agent | canva-sdk-patterns | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Apply production-ready Canva Connect API client patterns for TypeScript and Python. Use when building a reusable API client, implementing token refresh, or establishing team coding standards for Canva integrations. Trigger with phrases like "canva client patterns", "canva best practices", "canva code patterns", "canva API wrapper", "canva TypeScript client".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# Canva SDK Patterns
## Overview
Production-ready patterns for wrapping the Canva Connect REST API. There is no official SDK — all integrations use `fetch` against `api.canva.com/rest/v1/*` with OAuth Bearer tokens. These patterns add automatic token refresh, retry logic, type safety, and multi-tenant support.
## Prerequisites
- Completed `canva-install-auth` setup
- Understanding of OAuth 2.0 token lifecycle
- TypeScript 5+ project (or Python 3.10+)
## Pattern 1: Type-Safe Client with Auto Token Refresh
```typescript
// src/canva/client.ts
interface CanvaTokens {
accessToken: string;
refreshToken: string;
expiresAt: number; // Unix ms
}
interface CanvaClientConfig {
clientId: string;
clientSecret: string;
tokens: CanvaTokens;
onTokenRefresh?: (tokens: CanvaTokens) => Promise<void>; // Persist new tokens
}
export class CanvaClient {
private static BASE = 'https://api.canva.com/rest/v1';
private tokens: CanvaTokens;
constructor(private config: CanvaClientConfig) {
this.tokens = config.tokens;
}
async request<T = any>(path: string, init: RequestInit = {}): Promise<T> {
// Auto-refresh if token expires within 5 minutes
if (Date.now() > this.tokens.expiresAt - 300_000) {
await this.refreshToken();
}
const res = await fetch(`${CanvaClient.BASE}${path}`, {
...init,
headers: {
'Authorization': `Bearer ${this.tokens.accessToken}`,
'Content-Type': 'application/json',
...init.headers,
},
});
if (res.status === 401) {
await this.refreshToken();
return this.request(path, init); // Retry once after refresh
}
if (!res.ok) {
const body = await res.text();
throw new CanvaAPIError(res.status, body, path);
}
return res.status === 204 ? (null as T) : res.json();
}
private async refreshToken(): Promise<void> {
const basicAuth = Buffer.from(
`${this.config.clientId}:${this.config.clientSecret}`
).toString('base64');
const res = await fetch(`${CanvaClient.BASE}/oauth/token`, {
method: 'POST',
headers: {
'Authorization': `Basic ${basicAuth}`,
'Content-Type': 'application/x-www-form-urlencoded',
},
body: new URLSearchParams({
grant_type: 'refresh_token',
refresh_token: this.tokens.refreshToken,
}),
});
if (!res.ok) throw new Error('Token refresh failed — user must re-authorize');
const data = await res.json();
this.tokens = {
accessToken: data.access_token,
refreshToken: data.refresh_token, // Single-use — always store the new one
expiresAt: Date.now() + data.expires_in * 1000,
};
await this.config.onTokenRefresh?.(this.tokens);
}
// Convenience methods matching the REST API
async getMe() { return this.request('/users/me'); }
async getProfile() { return this.request('/users/me/profile'); }
async createDesign(body: object) { return this.request('/designs', { method: 'POST', body: JSON.stringify(body) }); }
async getDesign(id: string) { return this.request(`/designs/${id}`); }
async listDesigns(params?: URLSearchParams) { return this.request(`/designs?${params || ''}`); }
async createExport(body: object) { return this.request('/exports', { method: 'POST', body: JSON.stringify(body) }); }
async getExport(id: string) { return this.request(`/exports/${id}`); }
async createAutofill(body: object) { return this.request('/autofills', { method: 'POST', body: JSON.stringify(body) }); }
async getAutofill(id: string) { return this.request(`/autofills/${id}`); }
}
```
## Pattern 2: Custom Error Class
```typescript
// src/canva/errors.ts
export class CanvaAPIError extends Error {
public readonly retryable: boolean;
constructor(
public readonly status: number,
public readonly body: string,
public readonly path: string
) {
super(`Canva API ${status} on ${path}: ${body}`);
this.name = 'CanvaAPIError';
this.retryable = status === 429 || status >= 500;
}
get isRateLimited(): boolean { return this.status === 429; }
get isAuthError(): boolean { return this.status === 401 || this.status === 403; }
get isNotFound(): boolean { return this.status === 404; }
}
```
## Pattern 3: Retry with Exponential Backoff
```typescript
// src/canva/retry.ts
export async function withRetry<T>(
fn: () => Promise<T>,
opts = { maxRetries: 3, baseDelayMs: 1000 }
): Promise<T> {
for (let attempt = 0; attempt <= opts.maxRetries; attempt++) {
try {
return await fn();
} catch (err) {
if (attempt === opts.maxRetries) throw err;
if (err instanceof CanvaAPIError && !err.retryable) throw err;
const delay = opts.baseDelayMs * Math.pow(2, attempt) + Math.random() * 500;
await new Promise(r => setTimeout(r, delay));
}
}
throw new Error('Unreachable');
}
```
## Pattern 4: Multi-Tenant Factory
```typescript
// src/canva/factory.ts
const clients = new Map<string, CanvaClient>();
export function getCanvaClientForUser(userId: string, db: TokenStore): CanvaClient {
if (!clients.has(userId)) {
const tokens = db.getTokens(userId);
clients.set(userId, new CanvaClient({
clientId: process.env.CANVA_CLIENT_ID!,
clientSecret: process.env.CANVA_CLIENT_SECRET!,
tokens,
onTokenRefresh: async (newTokens) => {
await db.saveTokens(userId, newTokens);
},
}));
}
return clients.get(userId)!;
}
```
## Pattern 5: Python REST Client
```python
# canva/client.py
import httpx
import base64
import time
class CanvaClient:
BASE = "https://api.canva.com/rest/v1"
def __init__(self, client_id: str, client_secret: str, tokens: dict):
self.client_id = client_id
self.client_secret = client_secret
self.tokens = tokens
self._http = httpx.AsyncClient(base_url=self.BASE, timeout=30)
async def request(self, method: str, path: str, **kwargs) -> dict:
if time.time() > self.tokens["expires_at"] - 300:
await self._refresh()
resp = await self._http.request(
method, path,
headers={"Authorization": f"Bearer {self.tokens['access_token']}"},
**kwargs,
)
if resp.status_code == 401:
await self._refresh()
return await self.request(method, path, **kwargs)
resp.raise_for_status()
return resp.json() if resp.content else {}
async def _refresh(self):
creds = base64.b64encode(
f"{self.client_id}:{self.client_secret}".encode()
).decode()
resp = await self._http.post(
"/oauth/token",
headers={"Authorization": f"Basic {creds}"},
data={"grant_type": "refresh_token", "refresh_token": self.tokens["refresh_token"]},
)
resp.raise_for_status()
data = resp.json()
self.tokens = {
"access_token": data["access_token"],
"refresh_token": data["refresh_token"],
"expires_at": time.time() + data["expires_in"],
}
```
## Response Validation with Zod
```typescript
import { z } from 'zod';
const CanvaDesignSchema = z.object({
design: z.object({
id: z.string(),
title: z.string(),
owner: z.object({ user_id: z.string(), team_id: z.string() }),
urls: z.object({ edit_url: z.string(), view_url: z.string() }),
created_at: z.number(),
updated_at: z.number(),
page_count: z.number(),
}),
});
const validated = CanvaDesignSchema.parse(await client.getDesign(id));
```
## Error Handling
| Pattern | Use Case | Benefit |
|---------|----------|---------|
| Auto-refresh | All API calls | Transparent token lifecycle |
| Error class | Error handling | Typed, retryable flags |
| Retry wrapper | Transient failures | Exponential backoff + jitter |
| Multi-tenant | SaaS apps | Per-user token isolation |
## Resources
- [Canva API Reference](https://www.canva.dev/docs/connect/api-reference/)
- [Authentication](https://www.canva.dev/docs/connect/authentication/)
- [OpenAPI Spec](https://www.canva.dev/sources/connect/api/latest/api.yml)
## Next Steps
Apply patterns in `canva-core-workflow-a` for real-world usage.Related Skills
workhuman-sdk-patterns
Workhuman sdk patterns for employee recognition and rewards API. Use when integrating Workhuman Social Recognition, or building recognition workflows with HRIS systems. Trigger: "workhuman sdk patterns".
wispr-sdk-patterns
Wispr Flow sdk patterns for voice-to-text API integration. Use when integrating Wispr Flow dictation, WebSocket streaming, or building voice-powered applications. Trigger: "wispr sdk patterns".
windsurf-sdk-patterns
Apply production-ready Windsurf workspace configuration and Cascade interaction patterns. Use when configuring .windsurfrules, workspace rules, MCP servers, or establishing team coding standards for Windsurf AI. Trigger with phrases like "windsurf patterns", "windsurf best practices", "windsurf config patterns", "windsurfrules", "windsurf workspace".
windsurf-reliability-patterns
Implement reliable Cascade workflows with checkpoints, rollback, and incremental editing. Use when building fault-tolerant AI coding workflows, preventing Cascade from breaking builds, or establishing safe practices for multi-file AI edits. Trigger with phrases like "windsurf reliability", "cascade safety", "windsurf rollback", "cascade checkpoint", "safe cascade workflow".
webflow-sdk-patterns
Apply production-ready Webflow SDK patterns — singleton client, typed error handling, pagination helpers, and raw response access for the webflow-api package. Use when implementing Webflow integrations, refactoring SDK usage, or establishing team coding standards. Trigger with phrases like "webflow SDK patterns", "webflow best practices", "webflow code patterns", "idiomatic webflow", "webflow typescript".
vercel-sdk-patterns
Production-ready Vercel REST API patterns with typed fetch wrappers and error handling. Use when integrating with the Vercel API programmatically, building deployment tools, or establishing team coding standards for Vercel API calls. Trigger with phrases like "vercel SDK patterns", "vercel API wrapper", "vercel REST API client", "vercel best practices", "idiomatic vercel API".
vercel-reliability-patterns
Implement reliability patterns for Vercel deployments including circuit breakers, retry logic, and graceful degradation. Use when building fault-tolerant serverless functions, implementing retry strategies, or adding resilience to production Vercel services. Trigger with phrases like "vercel reliability", "vercel circuit breaker", "vercel resilience", "vercel fallback", "vercel graceful degradation".
veeva-sdk-patterns
Veeva Vault sdk patterns for REST API and clinical operations. Use when working with Veeva Vault document management and CRM. Trigger: "veeva sdk patterns".
vastai-sdk-patterns
Apply production-ready Vast.ai SDK patterns for Python and REST API. Use when implementing Vast.ai integrations, refactoring SDK usage, or establishing coding standards for GPU cloud operations. Trigger with phrases like "vastai SDK patterns", "vastai best practices", "vastai code patterns", "idiomatic vastai".
twinmind-sdk-patterns
Apply production-ready TwinMind SDK patterns for TypeScript and Python. Use when implementing TwinMind integrations, refactoring API usage, or establishing team coding standards for meeting AI integration. Trigger with phrases like "twinmind SDK patterns", "twinmind best practices", "twinmind code patterns", "idiomatic twinmind".
together-sdk-patterns
Together AI sdk patterns for inference, fine-tuning, and model deployment. Use when working with Together AI's OpenAI-compatible API. Trigger: "together sdk patterns".
techsmith-sdk-patterns
TechSmith sdk patterns for Snagit COM API and Camtasia automation. Use when working with TechSmith screen capture and video editing automation. Trigger: "techsmith sdk patterns".