How do I manage API access tokens as an admin?
You can manage API access tokens from your User Settings. Access tokens provide access to Canvas resources through the Canvas API. Access tokens can be generated automatically for third-party applications or created manually.
Using the Canvas API allows the access token holder to access the same Canvas resources that you can access. For example, third-party applications, including devices you have used to open the Canvas mobile apps, are authorized to access Canvas on your behalf. API calls require authorization and are made on behalf of an authorized user. For more information on using the Canvas API, view the Canvas API documentation.
Once you have a Canvas login you can create one of these access tokens to use for testing your development projects. This token must be included as a URL query parameter in any API calls made to Canvas.
Canvas tokens align with Canvas permissions. If your Canvas account is deleted, your tokens will be revoked. If you no longer have an administrative role in Canvas, your previously generated tokens will adjust to your new permissions.
- Users with masquerading privileges cannot remove the token on behalf of other users.
- Canvas admins cannot bulk delete API access tokens for users at their institution.
In Global Navigation, click the Account link , then click the Settings link .
Third-party applications with access tokens and user-generated access tokens are listed in the Approved Integrations section .
For each access token, you can view the name , purpose , expiration date , and date of last use .
To add an access token, click the Add New Access Token button.
View the token description . To view details for the token, click the details link .