I'm looking to integrate the Canvas API with our web applications so that instructors can use their Canvas data, and I am a bit confused regarding the 'developer keys". I want all our users to be able to integrate with their institution.

From my research on similar posts here as well as the docs I assume I need to..

1. Run Canvas locally
2. Create an inherited key (Can I do this or do I need to contact the Partnership team?)
3. Communicate with our users that they need to have their administrators approve our inherited key for every institution using our application
4. Get the user's Canvas domain needed for requests (Best practice?)

Then I should be able to use the oAuth workflow redirects and requests to authenticate users and make requests on their behalf.

Is my understanding of this process correct? Or is there something I'm missing?