Skip to content

Authentication

All requests to api.canvasmesh.app/v1/* require an API key. Share links (/share/:token/...) are public and do not require authentication.

Generate an API key

Section titled “Generate an API key”
  1. Sign in at canvasmesh.app.
  2. Open Settings → API Keys.
  3. Click Create Key, give it a label, and copy the token (shown once).

Treat API keys like passwords — anyone with the key can create, read, update, and delete your canvases.

CLI

Section titled “CLI”

Interactive login (recommended):

Terminal window
canvasmesh login

The CLI will prompt for your API key and endpoint. Or pass the token directly:

Terminal window
canvasmesh login --token <your-api-key>

The key is saved to ~/.canvasmesh/config.json. Verify with:

Terminal window
canvasmesh whoami

Remove with:

Terminal window
canvasmesh logout

SDK

Section titled “SDK”
import { CanvasClient } from '@canvasmesh/sdk-js';


const client = new CanvasClient({
  apiKey: process.env.CANVASMESH_API_KEY!,
});

Never hard-code keys in source. Read from environment variables or a secret manager.

REST

Section titled “REST”

Send the key as a bearer token in the Authorization header:

Terminal window
curl https://api.canvasmesh.app/v1/canvases \
  -H "Authorization: Bearer $CANVASMESH_API_KEY"

Revocation

Section titled “Revocation”

Revoke a key from Settings → API Keys. All requests using the revoked key will immediately return 401 Unauthorized.