Community Help

John_Lowe · ‎05-01-2015

Is there such a thing as a read-only Data Access Token? For instance, can a token be generated that allows any GET requests but denies any POST requests?

karl · ‎05-01-2015

John, technically no, but API tokens are scoped to have the same permissions as the user does in Canvas. It is possible to restrict access by creating a custom role with specific permissions then attaching a user to the role and issuing the API token for that user. It's not ideal and token scoping is something we have discussed and plan to develop more around in the future.

View solution in original post

scottdennis · ‎05-01-2015

Hey John,

Great question!

I'm going to go ahead and move this over to Canvas Developers where you are more likely to get responses.

Cheers

karl · ‎05-01-2015

John, technically no, but API tokens are scoped to have the same permissions as the user does in Canvas. It is possible to restrict access by creating a custom role with specific permissions then attaching a user to the role and issuing the API token for that user. It's not ideal and token scoping is something we have discussed and plan to develop more around in the future.

Read-only data access tokens?

Open API

How to get users LTI v1.3 ID outside of the SSO pa...

Automate admin report 'Grade Export'

ícones de paginas e módulos no Canvas

Integrating Proctor tool on canvas

Canvas mobile app on self hosted instance

API for Exporting the Individual Assignment URL's ...

How to get users LTI v1.3 ID outside of the SSO pa...

Issue in launching external app in self hosted can...

Automate admin report 'Grade Export'

ícones de paginas e módulos no Canvas

You're signed out

Read-only data access tokens?

Community Help

View our top guides and resources: