[Admin Tools] Restrict Canvas Access Token Creation or Provide Better Messaging on Page

The New access token window does not offer adequate warning that whoever is generating an access token may be inadvertently allowing access to data subject to GDPR regulations by a third party. There is no way of editing the message within this page.

We would like to request the capacity to restrict/allow for approval by system admin of a token generation request by a Canvas user.

If this is not possible, we would like to have the ability to edit the language on this window.

If that is not possible, we would like instructure to review the language of the message, improve its visibility, and underscore the data protection risks that can come form sharing a token.

 Access token.png

7 Comments
p_a_hudson
Community Participant

This was flagged up as a big GDPR risk when we implemented Canvas. We've used javascript to hide any option we feel might allow staff to create a token. But we would prefer more admin control over this facility

ctitmus
Instructure Alumni
Instructure Alumni
Status changed to: Open
 
KristinL
Community Team
Community Team
Status changed to: New
 
KristinL
Community Team
Community Team
Status changed to: Added to Theme
 
nathanatkinson
Community Team
Community Team
Status changed to: New
 
nathanatkinson
Community Team
Community Team
Status changed to: New
 
nathanatkinson
Community Team
Community Team
Status changed to: Open