OAuth id/secret generation for hosted canvas
780 views
Skip to first unread message
Paul York
Jan 21, 2012, 6:40:33 PM1/21/12
to Canvas LMS Users
Forgive me if this is more obvious than it appears. I need a client_id
and secret. According to the docs:
Performing the OAuth2 token request flow requires an application
client ID and client secret.
To obtain these application credentials, you will need to register
your application. The client
secret should never be shared. For open source Canvas users, you
will need to generate a
client_id and client_secret for your application.
Great. I want to create a mobile app that hits the HOSTED instance
(i.e., canvas.instructure.com). How do I "register" my app for this
instance? Do I need to register my app for every separate instance of
canvas (uugh!!)? I know this is a group primarily for users of the OSS
version, but the corporate "user" support folks were clueless about
this.
Thanks!
and secret. According to the docs:
Performing the OAuth2 token request flow requires an application
client ID and client secret.
To obtain these application credentials, you will need to register
your application. The client
secret should never be shared. For open source Canvas users, you
will need to generate a
client_id and client_secret for your application.
Great. I want to create a mobile app that hits the HOSTED instance
(i.e., canvas.instructure.com). How do I "register" my app for this
instance? Do I need to register my app for every separate instance of
canvas (uugh!!)? I know this is a group primarily for users of the OSS
version, but the corporate "user" support folks were clueless about
this.
Thanks!
Devlin Daley
Jan 22, 2012, 9:38:14 PM1/22/12
to canvas-l...@googlegroups.com
http://www.instructure.com/partners to register with Canvas Cloud.
You would need register with each community installation, since they are completely independent of each other.
Cody Cutrer
Jan 22, 2012, 11:14:09 PM1/22/12
to canvas-l...@googlegroups.com
Just to be clear, you will only need to register once for all schools that are <schoolname>.instructure.com (and a few that have custom domain names, but are still hosted by Instructure). It's just each school that hosts their own Canvas will need to be registered with separately.
Cody Cutrer
Software Engineer
Instructure, Inc.
Paul York
Jan 24, 2012, 10:44:38 PM1/24/12
to Canvas LMS Users
Thanks to both of you for the quick, detailed and helpful replies. I
was afraid that might be the case (re: separate registrations per
school). How do you get around this with the iOS app? Or do you? Is
there some way that a future build of the OSS / self-hosted options
could somehow "trust" any app that is trusted by the "main" hosted
instance? Or at least a way to opt-in to a trust (i.e., sign in to an
admin page on their own instance and choose from a list of all
registered "partner" apps)?
On Jan 22, 11:14 pm, Cody Cutrer <c...@instructure.com> wrote:
> Just to be clear, you will only need to register once for all schools that
> are <schoolname>.instructure.com (and a few that have custom domain names,
> but are still hosted by Instructure). It's just each school that hosts
> their own Canvas will need to be registered with separately.
>
> Cody Cutrer
> Software Engineer
> Instructure, Inc.
>
> On Sun, Jan 22, 2012 at 7:38 PM, Devlin Daley <dev...@instructure.com>wrote:
>
>
>
>
>
>
>
> >http://www.instructure.com/partnersto register with Canvas Cloud.
was afraid that might be the case (re: separate registrations per
school). How do you get around this with the iOS app? Or do you? Is
there some way that a future build of the OSS / self-hosted options
could somehow "trust" any app that is trusted by the "main" hosted
instance? Or at least a way to opt-in to a trust (i.e., sign in to an
admin page on their own instance and choose from a list of all
registered "partner" apps)?
On Jan 22, 11:14 pm, Cody Cutrer <c...@instructure.com> wrote:
> Just to be clear, you will only need to register once for all schools that
> are <schoolname>.instructure.com (and a few that have custom domain names,
> but are still hosted by Instructure). It's just each school that hosts
> their own Canvas will need to be registered with separately.
>
> Cody Cutrer
> Software Engineer
> Instructure, Inc.
>
> On Sun, Jan 22, 2012 at 7:38 PM, Devlin Daley <dev...@instructure.com>wrote:
>
>
>
>
>
>
>
>
> > You would need register with each community installation, since they are
> > completely independent of each other.
>
> > You would need register with each community installation, since they are
> > completely independent of each other.
>
Brian Palmer
Jan 25, 2012, 11:18:34 AM1/25/12
to canvas-l...@googlegroups.com
I could see us possibly doing that at some point, though it's by no means certain. It'd have to be limited to "public" apps, and not "confidential" apps, as defined in the oauth 2.0 spec. Confidential apps send a client secret when requesting a token, and we can't allow the same client secret to be used for both OSS installs and Canvas Cloud without breaking that confidentiality.
Right now Canvas only supports confidential apps, and it's undecided whether we'll ever support public apps in Canvas Cloud. The Instructure-developed iOS apps don't work with OSS installs.
Another route we could take, but one that isn't currently defined in the OAuth 2.0 spec, would be to have confidential apps send some sort of token signed by their secret in a non-replayable manner, rather than sending the secret itself. And then OSS installs could delegate to Canvas Cloud on whether or not to trust the request. That might be an interesting addition to propose to the OAuth 2.0 working group, really.
-- Brian Palmer
-- Brian Palmer
prab...@gmail.com
Mar 6, 2014, 7:55:19 AM3/6/14
to canvas-l...@googlegroups.com
I also want to get client_id and secret . i read canvas api documentation .
They said that for cloud we have to register in this link http://www.instructure.com/partners , here where is register option. can you tell me where should i register in this link ?
They said that for cloud we have to register in this link http://www.instructure.com/partners , here where is register option. can you tell me where should i register in this link ?
Cody Cutrer
Mar 6, 2014, 12:22:06 PM3/6/14
to canvas-l...@googlegroups.com
--
---
You received this message because you are subscribed to the Google Groups "Canvas LMS Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to canvas-lms-use...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Reply all
Reply to author
Forward
0 new messages