How do I manage API access tokens in my user account?
You can manage API access tokens from your User Settings. Access tokens provide access to Canvas resources through the Canvas API. Access tokens can be generated automatically for third-party applications or created manually.
Using the Canvas API allows the access token holder to access the same Canvas resources that you can access. For example, third-party applications, including devices you have used to open the Canvas Student app, are authorized to access Canvas on your behalf. For more information on using the Canvas API, view the Canvas API documentation.
Note: If you are an admin, you can limit the ability to manage access tokens to admins only. Learn about the Admin Manage Access Tokens account feature option in the Canvas Feature Option Summary resource document.
Open User Settings
In Global Navigation, click the Account link [1], then click the Settings link [2].
View Access Tokens
Third-party applications with access tokens and user-generated access tokens are listed in the Approved Integrations section [1].
For each access token, you can view the name [2], purpose [3], expiration date [4], and date of last use [5].
Note: Mobile access tokens are generated for you when you log in to a Canvas mobile app and never expire. To remove access for a mobile application, the access token must be deleted.
Add Access Token
To manually add an access token, click the Add New Access Token button.
Note: If the Add Access Token button is unavailable, your institution may allow only admins to generate access tokens. If you are an admin, you can learn more about the Admin Manage Access Tokens account feature option in the Canvas Feature Option Summary resource document.
Add Token Details
Enter a description for your access token in the Purpose field [1]. You can select an expiration date by clicking the Expiration date field or the Calendar icon [2]. You can also select an expiration time from the Expiration time drop-down menu [3]. To generate a token with no expiration, leave the expiration fields empty.
To generate a new access token, click the Generate Token button [4].
View Access Token
View the token description [1]. To view details for the token, click the details link [2].
View Token Details
The access token details include a token that can be used to make API calls on your behalf [1].
To regenerate an access token, click the Regenerate Token button [2].
Delete Access Token
To delete an access token, click the Delete icon.
Confirm Deletion
To confirm the deletion, click the OK button.