Installation

There are two ways to integrate with Typograph, and most real integrations combine them:

1. REST API (via any HTTP client of your choice) — for server-to-server work, automation, and non-browser consumers.
2. Browser scripts (Editor and Canvas, loaded from the CDN) — for embedding the document editor or a read-only renderer in your own web app.

Prerequisites

• An OAuth client. Register one in the Typograph Portal — you'll receive a client_id and (for confidential clients) a client_secret. See Authentication → Getting Credentials for the exact portal navigation.
• The scopes your integration needs. See the Scopes reference.

REST API

Typograph's REST API speaks standard HTTP + JSON. You can use any HTTP client — fetch in the browser, axios/got in Node.js, requests in Python, cURL, Postman, etc.

# Obtain an access token (Client Credentials flow)
curl -X POST https://api.typograph.nl/oauth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=$TYPOGRAPH_CLIENT_ID" \
  -d "client_secret=$TYPOGRAPH_CLIENT_SECRET" \
  -d "scope=document publisher converter"

See the API Overview for the base URL, request format, error envelope, and rate-limit headers.

Browser Scripts

The Editor and Canvas are CDN-hosted scripts — include them directly in your HTML. There is no npm install step.

<!-- Full editing experience -->
<script type="module" src="https://cdn.typograph.nl/editor/latest/editor.js"></script>

<!-- Read-only canvas -->
<script src="https://cdn.typograph.nl/canvas/latest/canvas.js"></script>

Both scripts expose a window.typograph global once they finish loading; you communicate with them through DOM events (typograph_editor_ready, typograph_init_ready, …) and callback registration. See the full walkthroughs:

• Editor Integration
• Canvas Integration

Browser Security Note

The Editor and Canvas talk to your page, not directly to the API — your backend is responsible for fetching template JSON with a user token and providing it to the scripts via the callbacks. Never embed a client_secret in a browser bundle.

Which Token Do You Need?

Most REST endpoints require a user token (obtained via Authorization Code + PKCE). A smaller set accepts client tokens (obtained via Client Credentials) — publisher jobs, converter jobs, and document validation. The full matrix lives in Token Types.

Next Steps

• Quick Start — obtain a token and make your first API call end-to-end
• Configuration — configure the browser Editor
• API Overview — base URL, request headers, error format