Community Help

10618071 · ‎06-03-2021

We have been working to update to LTI 1.3 and scoped tokens.

We have been using GraphQL for several years

Before we made the switch I received an assurance from Canvas developers that GraphQL would work with scoped tokens.

Our tests worked so we spent a few months building it, but this morning when we use a scoped token, GraphQL requests return this error:

"Insufficient scopes on access token"

If we disable token scoping on the key, the request works fine, and we can confirm that we have access to the API 1.0 version of the same request when the scope is enabled.

Has GraphQL and tokens been changed? Anyone have an idea what is going on?

James · ‎06-03-2021

@10618071 this may sound like a silly question, but are you sure that you allowed all of the scopes that you need for the GraphQL queries that you are using?

Have you tried modifying the scope to allow all access (including allow include parameters) and then tested it? If it works then, but doesn't work the way you have it now, it's most likely missing a scope that is needed.

matthew_buckett · ‎06-04-2021

What would be really handy is if you could put a developer key in "record mode" where it just logs the scopes you've used so that during development/testing you can easily see what you are using and then in production you can have the extra security of limiting the scopes.

10618071 · ‎04-29-2022

Any update on GraphQL with a scoped token? I used to ask these questions to Connor Merchant, but it looks like his email is gone now, maybe he left the company?

Davidemolin · ‎05-20-2024

Hi @10618071 , did you find a solution to this issue? I'm now in the same exact situation, as I've to query GraphQL to extract pieces of data the Canvas REST API is not providing me with, so being able to query via GraphQL using a scoped token is essential to my project

GraphQL stopped working with scoped tokens?

GraphQL

scopes

Questions on Tests and quizzes

SmartSearch with exact match?

Access course allow_student_wiki_edits property vi...

Disabling notifications for observers

How to access and manage Question Banks via API? A...

Questions on Tests and quizzes

SmartSearch with exact match?

Access course allow_student_wiki_edits property vi...

Disabling notifications for observers

GraphQL authentication using browser cookies

You're signed out

GraphQL stopped working with scoped tokens?

Community Help

View our top guides and resources: