The following apps will be receiving rewards from our App Adoption Awards program:
- Codia AI Design by Codia AI
- Image Outliner by Qutesoft
- JigsawPuzzle by VertexTurbo
- Auto Captions by Certified Code
- Invert Colors by Mutables
- Text Studio Maker by TextStudio Team
Check them out and show some love to the developers! 
Happy coding,
Matty
4 posts - 3 participants
]]>
During beta, these APIs enabled you to launch the Content Publisher and Bulk Create Data Connector intent experiences directly from your apps. With general availability, the APIs are now stable and ready for public app release in the Canva Apps SDK.
In line with our deprecation policy, we’ll maintain this API version for the next six months while continuing to make improvements. Feedback remains welcome 
Find out more about these APIs and get started:
We’re ready when you are. Finalize your apps and submit them for review — we can’t wait to see what you build 
The Canva Team
1 post - 1 participant
]]>
The following apps will be receiving rewards from our App Adoption Awards program 
:
-
Codia AI Design
-
Watermark Maker
-
Type Curve
-
Image Mixer
To try out each of the winning Apps, head to the Canva Apps Marketplace 
Happy coding,
Matty
1 post - 1 participant
]]>With the beta launch, we introduced the ability to experiment with the intent to publish content, provide previews, and configure platform-specific publish settings natively in the Share menu and other surfaces. With GA, you now have a stable, supported way to bring seamless publishing workflows to your apps, backed by production-ready tooling.
What GA Means for You
- The intent is now stable and ready for public app release in the Canva Apps SDK (no longer limited to beta usage). As per our deprecation policy we commit to maintaining this version of the API for the next 6 months as we continue to add improvements. Feedback remains welcome!
- Users can publish designs directly from Canva to your platform with accurate previews and platform-specific options like captions and tags.
- You’ll benefit from integrated discoverability where users are ready to share - from the Editor’s Share menu and other surfaces as support is added.
Next Steps
If you haven’t yet explored the intent, explore our key resources to begin your journey:
- Content Publisher Intent Overview — get a feel for the flow, experience and understand key dates
- Design Guidelines — learn how to create a successful publisher app
- API Documentation — access API previews and implementation examples
- Developer Community Forum — connect with the Canva team, ask questions, and share feedback
If you started development during the beta, now is a great time to finalise your integration, submit your app for review, and launch a publish experience to your users!
Thank you to everyone who provided feedback during the beta period. We’re thrilled to see what you build next!
The Canva Team 
6 posts - 4 participants
]]>We’re aware of an issue currently affecting app creation. This only impacts apps created after 2026-01-21 00:00:00 UTC, preventing developers from testing these apps locally.
Workaround: Please use Firefox as your browser for now, which should allow you to continue testing.
We’re actively working on a fix and will share more details about the specific issue shortly.
Thanks for your patience, and apologies for the disruption to your workflow.
2 posts - 1 participant
]]> New feature alert! The Developer Portal now has an App compatibility toggle!
Enable it to surface your app on responsive designs like Canva docs 
and Canva email 
— helping you reach even more users across different design formats!
Before you flip the switch: make sure your app is ready by checking out the Feature Support guide on how to make your app compatible, as well as the Design Types guide to understand different design formats.
Once you’re all set, head to Developer Portal → Your App → Compatibility Tab → App compatibility to enable the app compatibility toggle.
Questions? Let us know — we’re here to help!
3 posts - 2 participants
]]>A little overdue, but in an effort to improve our Developer Experience, we’re packaging up as much of our SDK functionality as possible, to allow for easy updates and better version control. So, we’re excited to announce that @canva/app-middleware is now available on npm! This preview SDK makes it super easy to verify JWT tokens in your Node.js backend services, and replaces jwt_middleware and design_token modules that were previously included in the Apps SDK Starter Kit.
What does it do?
If you’re building apps with Canva, you need to verify tokens to authenticate users and access design context. We’ve built a comprehensive SDK that handles:
- User token verification - Verify identity tokens from auth.getCanvaUserToken.
- Design token verification - Verify design tokens to from getDesignToken.
Feature highlight
Express.js middleware - Drop-in middleware for Express apps that automatically verifies tokens and adds decoded payloads to your requests
import { user } from "@canva/app-middleware/express";
app.post(
"/api/user/profile",
user.verifyToken({ appId: "your-app-id" }),
(req, res) => {
const userId = req.canva.user.userId!;
// Your code here
}
);
Framework primitives - Core verification functions work anywhere - Next.js, AWS Lambda, Cloudflare Workers, Fastify, Hono, or any Node.js environment
import { initUserTokenVerifier } from "@canva/app-middleware";
const verifier = initUserTokenVerifier({ appId: "your-app-id" });
const payload = await verifier.verifyToken(token);
Token extraction utils - Built-in support for Authorization headers, query strings, cookies, or build your own custom extractor
This is a preview
We’re releasing this as a preview to get your feedback early. Try it out, kick the tires, and let us know what you think. What works well? What’s missing? What’s confusing? Your input will help shape the final release.
Get started
Install from npm:
npm install @canva/app-middleware@latest
Check out the docs:
npm package:
We’d love to hear your feedback, so please do not hesitate to reach out with any questions.
Cheers
Anto
1 post - 1 participant
]]>Based on your ongoing feedback and evolving needs, we’re excited to announce that the limit for localised messages per App has been increased to 500!
Thank you for continuing to make Canva accessible to users around the world.
3 posts - 2 participants
]]>Dear Canva Developer Platform Team,
I'm writing to report a **critical breaking change** in the `@canva/asset` upload API that has been affecting many existing apps since approximately **January 13-14, 2026**.
---
## 🔴 Issue Summary
The `aiDisclosure` parameter in the `upload()` function appears to have become **mandatory** without prior deprecation notice. This change has caused widespread failures for users attempting to:
- Add assets to designs
- Upload to media library
**Affected API:**
```typescript
import { upload } from "@canva/asset";
await upload({
type: "image",
url: "https://example.com/image.jpg",
mimeType: "image/jpeg",
thumbnailUrl: "https://example.com/thumb.jpg",
aiDisclosure: "none" // ← Previously optional, now required
});
Request
To maintain backward compatibility and minimize disruption to the Canva app ecosystem, we kindly request:
-
Default fallback behavior: If
aiDisclosureis missing or invalid, default to
"none"(matching previous behavior)
-
Graceful deprecation: Instead of hard failures, show a console warning to guide developers:
⚠️ Warning: 'aiDisclosure' will be required in a future version.
Please update your integration. Defaulting to 'none'.
See: https://www.canva.dev/docs/apps/asset-upload -
Advance notice: Provide a reasonable migration window (e.g., 30-60 days) before enforcing mandatory parameters
Why This Matters
-
Many production apps are now broken without any code changes on our end
-
Users are experiencing failures with no clear error messaging
-
This undermines trust in the stability of the Canva platform APIs
Our Commitment
We fully understand and support the importance of AI disclosure for transparency. We are committed to updating our integration to comply with this requirement. We simply ask for a graceful transition period to:
-
Protect existing users from unexpected failures
-
Give developers adequate time to update their code
-
Maintain the stability of the Canva app ecosystem
13 posts - 3 participants
]]>
The following apps will be receiving rewards from our App Adoption Awards program :
-
Frames Lab
-
Vector Studio
-
Calendar Builder
To try out each of the winning Apps, head to the Canva Apps Marketplace
Happy coding,
Matty
3 posts - 2 participants
]]> The Intents Platform is coming.
A new foundation for building richer, smarter, more seamless experiences directly inside Canva — a place where apps can understand what users are trying to do and step in naturally, instantly, and delightfully.
For indie builders and platform veterans alike, this is the moment to:
-
Start dreaming up new apps built natively for Intents
-
Prepare existing apps to migrate and unlock deeper, more contextual interactions
And to help make that journey smoother for everyone, the foundation has already shifted in your favor:
Our intent-first docs, CLI, and starter kit now give you a clearer, more intuitive path to building intent-driven apps from the very start — reducing friction and helping you move faster with confidence.
The upgraded Developer Portal makes it easier than ever to develop, test, and validate intents, so you can iterate quickly and see exactly how your app behaves in real user flows.
Thank you for celebrating Devcember with us. As we say at Canva, we’re only 1% of the way there — and this next chapter for the Developers Platform is just the beginning. We’re excited to continue this journey with all of you.
Onward to the Intents Platform!
1 post - 1 participant
]]>In short
- Publishing surfaces - export-only is allowed You can start building a Content Publisher intent experience now, and release to the marketplace early next year when the API moves into GA.
- Design surfaces - export on its own is not allowed (no change from today)
What is changing
- Content Publisher intent
- Apps in the Share menu that use Content Publisher intent can now be export-only.
- They must still meet all Content Publisher intent contracts, UX expectations, and App Review requirements.
- Design Editor intent
- Apps in the left hand panel cannot be export-only.
- They must provide meaningful design functionality, with export as an optional part of that flow.
What you should do
- If you are planning an export-only integration, design it for the Content Publisher intent in the Share menu.
- If your Design Editor app is effectively export only, start planning a move to Content Publisher intent or adding real design functionality. Intents are designed to work together within a single app, so you can use the Content Publisher intent seamlessly with the Design Editor intent - even with shared authentication.
- Watch for a formal update in the Developer Terms and policy pages soon - that will be the version App Review uses.
We are excited to unlock more powerful publishing integrations while keeping the Canva editor focused on helping everyone design.
2 posts - 2 participants
]]>Awaiting new powers soon to be found… 
Today, two sparkling gifts land beneath the developer tree — both now available in Developer Preview via the @canva/[email protected] package:
Multi-Account OAuth
Multi-Provider OAuth
Together, they unlock the most flexible authentication flows ever released for Canva apps. Let the festivities begin!
Multi-Account OAuth (Developer Preview)
Apps can now let users connect multiple accounts from the same provider — ideal for DAM tenants, multiple cloud drives, social profiles, or any integration where users switch identities.
With Multi-Account OAuth, developers can:
-
Link multiple accounts from a single provider -
Fetch accounts with displayName, principal, avatar, and connection status -
Use account-specific getAccessToken() to call external APIs -
Refresh accounts or request re-authorization as needed
See the sample code in the docs
Multi-Provider OAuth (Developer Preview)
Alongside multi-account support, apps can now register multiple OAuth providers at once — all inside the same Canva app.
This means users can connect:
-
Google and Dropbox
-
Meta and Bynder
-
Multiple DAMs, CRMs, clouds — whatever your app supports
Apps can now:
-
Register multiple providers in the app manifest
-
Initialize OAuth per provider
-
Combine multi-provider + multi-account for ultimate flexibility
See the sample code in the docs
Both of these new capabilities—multi-account and multi-provider—are available now in Developer Preview, bundled inside: @canva/[email protected]
Find the full guide and API reference here:
To see everything we’ve launched so far, check out the Developer Christmas 2025 thread.
Happy Devcember!
1 post - 1 participant
]]>
Teams evolve, responsibilities shift, and now your app can shift right along with them.
App Owners can now transfer ownership to another collaborator directly in the Developer Portal. When ownership is transferred, the previous owner becomes a Manager, keeping visibility and collaborator controls without the full-owner responsibilities.
Here’s how access levels work today:
Members – Can edit fields, preview the app, and submit for review
Managers – Everything a Member can do, plus manage collaborators
Owners – Full control, including deleting apps and now transferring ownership
Where to find it:
Developer Portal → Your App → Collaborators Tab → Role → Owner → Transfer Ownership
This has been one of the top follow-up requests since we launched Multiplayer, and we’re thrilled to continue strengthening team workflows this Devcember. Give it a try — and let us know how it supports your development flow!
See the full docs here for more information.
2 posts - 2 participants
]]>These APIs are designed to simplify multi-design creation workflows. Apps can initiate Bulk Create directly, with their data automatically shown to them, and then move easily into Publishing those generated designs - built on top of the existing Data Connector and Content Publisher intents. Because this is an early preview, we’re actively improving both APIs, and developer feedback is especially welcome.
Highlights
-
Programmatically open Bulk Create from your app
-
Use your data to generate a design
-
Continue the flow into Publishing without interruptions
-
Build more guided, efficient end-to-end experiences
-
Try the APIs today in Preview, and expect regular updates
Examples
Explore the docs
We’re excited to support more seamless app → product integrations and scaled content workflows with these new tools, and we look forward to your feedback as we continue refining them into the future.
To catch up on everything we’ve launched so far, check out the Developer Christmas 2025 thread. Happy Devcember!
1 post - 1 participant
]]>This new intent enables your app to seamlessly import content from external URLs directly into Canva when users paste links into Canva AI.
What is URL Expander?
URL Expander lets users simply paste a URL from your platform, and your app automatically fetches and imports the content into Canva—no manual uploads, no extra steps. It’s all about creating that frictionless experience we all love.
Here’s how it works:
-
User pastes a URL into Canva AI
-
Your app recognizes the URL pattern and fetches metadata
-
User sees a preview of the content
-
With one click, the content is imported into their design
Perfect for…
-
Document platforms: Google Docs, Notion, Confluence
-
Media libraries: Stock photos, video platforms, design systems
-
DAM systems: Enterprise asset management platforms
-
Cloud storage: Dropbox, OneDrive, SharePoint
Getting Started
Ready to build? Here’s everything you need:
URL Expander intent - URL Expander - Canva Apps SDK Documentation
-
Overview and benefits
-
Step-by-step implementation guide
-
URL pattern validation rules
-
Working example app
Quick implementation checklist:
-
Enable the intent in the Developer Portal
-
Register your URL patterns (e.g., https://yourplatform.com/*)
-
Implement expandUrl() to return content metadata
-
Implement getContent() to fetch the actual asset
-
Test by pasting URLs into Canva AI
Important Notes
This is a beta/preview intent:
-
The API may change without warning
-
Apps using preview intents cannot be submitted for public review yet
-
We’re actively iterating based on developer feedback
Technical requirements:
-
Requires @canva/intents@beta package
-
Needs canva:asset:private:write scope
-
URL patterns must use HTTPS (no HTTP or wildcard TLDs)
We Want Your Feedback!
As this is a preview release, your feedback is incredibly valuable. Tell us:
-
What are you building with URL Expander?
-
What challenges are you facing?
-
What features would make this even better?
-
Any bugs or unexpected behavior?
Drop your thoughts in this thread or reach out to us directly—we’re listening and actively improving based on what you share.
Resources
-
URL Expander intent - URL Expander - Canva Apps SDK Documentation -
URL Expander intent implementation guide - URL Expander - Canva Apps SDK Documentation -
URL Expander URL pattern validation rules - URL Expander - Canva Apps SDK Documentation
-
URL expander intent - Examples - Canva Apps SDK Documentation
Happy building! We can’t wait to see what you create with URL Expander. 
1 post - 1 participant
]]>This means teams no longer need to rely solely on the Canva account email. A shared inbox such as [email protected] can now receive all the essential updates that keep your integration running smoothly.
Here’s what you’ll find in your App → Settings → Developer profile → Message preferences panel:
What this update brings
-
A central place for your team to receive developer-specific communications -
No change to where we send app-status notifications — those still go to the Canva account email -
Better coordination if multiple teammates help maintain your app -
A future-friendly foundation for more communication features
To set it up, simply open Message preferences and add an email address. That’s it — your team is officially in the loop.
If you have ideas for what else you’d like to receive (or avoid!) in dev communications, we’d love to hear from you. Happy Devcember!
3 posts - 3 participants
]]>With Automated App Reviews, developers now receive:
Instant feedback on app listing submissions
Our new service checks your submission as soon as it’s sent. If anything in the listing needs revision, you’ll be notified immediately — no more waiting for the first round of feedback.
Auto-approval for qualifying revisions
If a new revision only touches areas covered by automated checks, your update can be approved automatically, without a manual review gate.
The result? Faster turnaround times, fewer blockers, and a smoother journey from prototype to published app.
We’re excited to see how Automated App Reviews help developers move even more quickly during Devcember!
If you have questions, ideas, or early feedback, drop them below — the team is all ears.
1 post - 1 participant
]]>What’s New
When your app version has changes requested, you’ll now see a revamped feedback view in the app status tab:
This new view gives you:
Clear, actionable issues — Every problem is listed with specific requirements and recommended fixes
Organized by category — Issues are grouped by guideline so you can tackle them systematically
Direct documentation links — Jump straight to Storybook examples and developer docs
Visual attachments — Screenshots and files that show exactly where the issue occurs
Your Path to Resubmission
The new tab walks you through a simple 3-step process:
-
Review the flagged issues
-
Create a new version with the fixes
-
Resubmit with confidence
Less guesswork. Less back-and-forth. Just clear feedback that gets your app closer to release.
Available Now
This feature is rolling out today! Check your Developer Portal the next time you’re working on an app submission.
Questions or feedback? Drop them in the thread below — we’d love to hear what you think!
Happy building!
1 post - 1 participant
]]>Enhanced UI
We’ve generally improved the look and feel of the portal, making navigation more intuitive with better contrast and streamlined headers, including version selection and breadcrumbs.
New Intents Page
This is the headline feature! You can now configure each intent individually on its own dedicated page, add or remove intents, set configurations, or view the code needed to implement them.
Marketing Media Page
We’ve combined the featured images section so that you can see at a glance how images will appear together on the marketplace or in the editor.
App Status Page
We’ve improved how errors are shown. Now, when you read error messages, you can jump directly to the relevant page to fix issues without losing context.
Keep your eyes peeled for more exciting releases this week. To see everything we’ve launched so far, check out the Developer Christmas 2025 thread.
Happy Devcember!
1 post - 1 participant
]]>These hooks however, weren’t versioned, and there wasn’t an easy way to stay up to date… until now!
We’ve shipped @canva/app-hooks, making these hooks an official part of the Apps SDK and giving developers a much cleaner way to manage them. This new package lets teams:
- Install once
- Keep versions aligned across projects
- Reduce code duplication
- Adopt new capabilities the moment we release them
Getting started
Install the package with:
npm install @canva/app-hooks@latest
Then update your usages to import from this package, instead of your local copies:
import {
useFeatureSupport,
useOverlay,
useSelection,
useTable,
} from "@canva/app-hooks";
We’re continuing to move more functionality into npm packages to make versioning and updates even smoother. Is there anything else you’d like to see bundled next? We’d love to hear your thoughts.
Stay tuned, more Devcember s are dropping throughout the week!
To catch up on everything we’ve launched so far, check out the Developer Christmas 2025 thread.
Happy Devcember!
1 post - 1 participant
]]>-
Video: up to 1GB
-
Audio: up to 250MB
This brings App SDK uploads in line with Canva’s general file size limits, making it easier to support professional-grade media workflows across your apps. Whether you’re working with long-form video, music tracks, voiceovers, or AI-generated media, this update should help your pipelines run far more smoothly.
Docs:
-
Uploading Assets (App SDK) → https://www.canva.dev/docs/apps/uploading-assets/
-
Canva’s general upload limits → https://www.canva.com/en_au/help/upload-formats-requirements/
Thank you for the continued feedback—keep it coming, and happy Devcember! 
1 post - 1 participant
]]>Previously, all multi-file export bundles were automatically zipped. While convenient in some scenarios, it added unnecessary steps in others—particularly for pipelines that prefer direct file access. With this update, developers can now state their preference through the new zipped option.
What’s New
requestExport now accepts a new object type in the input array. Through this object, you can specify if the exported files will be zipped or unzipped for each file type.
The behaviour of zipping the exported files.
- For `png`, `jpg`, and `svg`:
- `auto` (default): Files are zipped together if the design has multiple pages, unzipped if it has one page.
- `always`: Files are always zipped into a single zip file, regardless of page count.
- `never`: Files are never zipped, providing an array of files.
- For `video` and `gif`:
- `auto` or `never` (default): Files are never zipped together, regardless of count.
- `always`: Files are always zipped into a single file.
Example
import { Button, Rows } from "@canva/app-ui-kit";
import React from "react";
import * as styles from "styles/components.css";
import { requestExport } from "@canva/design";
import { useFeatureSupport } from "@canva/app-hooks";
export function App() {
const isSupported = useFeatureSupport();
async function handleClick() {
const result = await requestExport({
acceptedFileTypes: [
"pptx",
{ type: "png", zipped: "auto" },
{ type: "video", zipped: "always" },
{ type: "pdf_standard" },
{ type: "jpg", zipped: "never" },
{ type: "gif" },
],
});
}
return (
<div className={styles.scrollContainer}>
<Rows spacing="1u">
<Button
variant="primary"
onClick={handleClick}
disabled={!isSupported(requestExport)}
>
Export design
</Button>
</Rows>
</div>
);
}
Why this matters
-
Simpler integrations: No need to unzip bundles in pipelines that want direct file access.
-
More flexibility: Tools, plugins, and asset pipelines can choose what’s best for their workflows.
Docs & Resources
- RequestExport SDK docs: requestExport - v2 API reference - Canva Apps SDK Documentation
We’re excited to see how developers use this new flexibility in their export workflows. Happy building—and happy Devcember!
1 post - 1 participant
]]>
Developer Christmas 2025 
We’re thrilled to kick off our third annual Developer Christmas with an exciting lineup of new releases dropping over the next 5 days!
Each day, we’ll unwrap multiple s, so keep your eyes peeled and notifications ON 
—we can’t wait to share these with you!
Here’s everything we’ve unwrapped this Devcember and what’s still to come:
Day 1:
Day 2:
Day 3:
Dev Portal Refresh
App Review improvements including feedback in the portal and automated reviews-
Email communications preferences
Day 4:
Day 5:
App ownership transfer-
Multi-account & Multi-provider OAuth 
Export only policy update
Our Intent-ions for 2026
3 posts - 2 participants
]]>What’s new
The new overview brings together all of Canva’s developer products in one clear, structured home. Instead of jumping between SDKs, APIs, and tools, you can now explore our platform by what you want to build — from adding editing tools to embedding Canva in your product, connecting to data sources, publishing instantly, and more.
You can see the fresh new look on canva.dev
Stay tuned for more s dropping throughout this week! To see everything we’ve launched so far, check out the Developer Christmas 2025 thread.
Happy Devcember!
1 post - 1 participant
]]>On top of English, French, German, Indonesian, Japanese, Korean, Portuguese, Spanish, and Turkish, apps will now also be translated into Arabic, Dutch, Italian, Malay, Polish, Romanian, Swedish, Thai, and Vietnamese. All for free!
How the translation process works
From today, uploading UI strings for translation will be a required step in the submission process.
We also strongly encourage anyone with an untranslated app in the Marketplace to submit their strings, as translated apps will be prioritized for promotion in places like the Featured and Trending carousels moving forward.
Here’s how to get started:
-
Prepare your UI strings, following our How localization works guide for new apps or our migration guide for existing apps
-
Upload them for translation on the Code upload page within the developer portal
-
Submit your app for review
-
We’ll translate your app’s content – for free! – into 18 languages as part of the review process
-
You’ll be notified once translation is complete and the new version of your app is ready for release
Got questions? Let us know — we’re here to help!
With more releases rolling out daily this week, be sure to keep an eye out for even more exciting updates! 
7 posts - 5 participants
]]>What’s new
Apps now continue working even if a user goes offline, as long as the app was previously loaded while online. The app UI and most native capabilities (such as adding or editing image elements) will keep running smoothly.
What this means for developers
For most developers: nothing to do!
If an app already handles offline errors for network-dependent actions (like backend API calls), it’s good to go
Unsure whether error handling is in place?
Check out these guides for best practices:
Keep your eyes peeled for more exciting releases this week. To see everything we’ve launched so far, check out the Developer Christmas 2025 thread.
Happy Devcember!
1 post - 1 participant
]]>
The following apps will be receiving rewards from our App Adoption Awards program :
-
Pattern Maker
-
Vector AI
-
Character Creator
-
Depth Text
-
Reshaper
To try out each of the winning Apps, head to the Canva Apps Marketplace
Happy coding,
Matty
1 post - 1 participant
]]>Canva will now use a default expiry of 90 days if your identity provider (IdP) doesn’t return the expires_in field as part of its access token success response.
-
If your configured IdP returns the
expires_infield, your app is not affected by this change. -
If your configured IdP doesn’t return the
expires_infield, your app may be affected by this change. Please note the following:-
If the access tokens issued by your app’s IdP expire earlier than 90 days, then nothing changes for your app. When the current token expires, you must continue use
forceRefreshingetAccessTokento retrieve a new access token. -
If the tokens expire later than 90 days, then Canva will attempt to refresh the token if your app uses
getAccessTokenafter this time.-
If the refresh is successful, the new access token will be returned to your app.
-
If there is no refresh token or the refresh is unsuccessful, the user will need to re-authenticate.
-
-
Note that the duration of the default expiry may change at any time, so please ensure that your app does not depend on its duration.
1 post - 1 participant
]]>If you’re not encountering any CORS errors while previewing Canva Apps you can stop reading now.
The latest release of Google Chrome has blocked localhost network access as per their announcement here. And since Canva development apps run on localhost:8080, embedded within the Canva Editor, you may start seeing CORS errors after updating your browser.
We’ll be rolling out explicit local-network-access checks early next week, after which your browser should prompt you to allow local network access to canva.com.
In the meantime, you have a couple of workarounds.
## Workaround 1:
As this temporarily only impacts the Google Chrome browser, you may continue development using another browser, such as Firefox or Safari (see these instructions for previewing on Safari)
## Workaround 2:
Temporarily disable the local network access checks via chrome://flags/#local-network-access-check whenever you’re developing.
> This flag protects users from cross-site request forgery (CSRF) attacks targeting local network devices. Only disable this if you understand the security implications, and re-enable it when you’re done developing.
Update (13/11/2025):
We’ve added the local-network-access permission to the App iframe, which means Chrome will now prompt you to Allow local network access. We’ve updated our previewing guide with instructions.
2 posts - 1 participant
]]>