Instructure Developer Documentation Portal
Community
  • Introduction
  • Services
    • Elevate Standards Alignment - AB Connect API
      • Introduction
        • Authentication
        • Addressing Object Properties
        • Requesting Additional Properties in the Response
        • Filtering Using ODATA Like Statements
        • Sorting
        • Facets
        • Paging Data
        • Call Throttling
        • Working with Related Object
        • Error Responses
        • Character Set Support
        • How To Articles, Recommendations and Suggestions
        • Examples
        • Using AB Connect's Embeddable Widgets
      • Reference
        • Standards
        • Standard Collections
        • Events
        • Topics
        • Concepts
        • Assets
        • Asset Definitions
        • Asset Collections
        • Managing and Predicting Relationships
        • Providers
    • Canvas LMS
      • Basics
        • GraphQL
        • API Change Log
        • SIS IDs
        • Pagination
        • Throttling
        • Compound Documents
        • File Uploads
        • API Endpoint Attributes
        • Masquerading
      • OAuth2
        • OAuth2 Overview
        • OAuth2 Endpoints
        • Developer Keys
      • Resources
        • Access Tokens
        • Account Calendars
        • Account Domain Lookups
        • Account Notifications
        • Account Reports
        • Accounts
        • Accounts (LTI)
        • Admins
        • Analytics
        • Announcement External Feeds
        • Announcements
        • API Token Scopes
        • Appointment Groups
        • Assignment Extensions
        • Assignment Groups
        • Assignments
        • Authentication Providers
        • Authentications Log
        • Blackout Dates
        • BlockEditorTemplate
        • Blueprint Courses
        • Bookmarks
        • Brand Configs
        • Calendar Events
        • Collaborations
        • CommMessages
        • Communication Channels
        • Conferences
        • Content Exports
        • Content Migrations
        • Content Security Policy Settings
        • Content Shares
        • Conversations
        • Course Audit log
        • Course Pace
        • Course Quiz Extensions
        • Course Reports
        • Courses
        • Custom Gradebook Columns
        • Developer Key Account Bindings
        • Developer Keys
        • Discussion Topics
        • Enrollment Terms
        • Enrollments
        • ePortfolios
        • ePub Exports
        • Error Reports
        • External Tools
        • Favorites
        • Feature Flags
        • Files
        • Grade Change Log
        • Gradebook History
        • Grading Period Sets
        • Grading Periods
        • Grading Standards
        • Group Categories
        • Groups
        • History
        • InstAccess tokens
        • JWTs
        • Late Policy
        • Learning Object Dates
        • Line Items
        • LiveAssessments
        • Logins
        • LTI Launch Definitions
        • LTI Registrations
        • LTI Resource Links
        • Media Objects
        • Moderated Grading
        • Modules
        • Names and Role
        • New Quiz Items
        • New Quizzes
        • New Quizzes Accommodations
        • New Quizzes Reports
        • Notification Preferences
        • Originality Reports
        • Outcome Groups
        • Outcome Imports
        • Outcome Results
        • Outcomes
        • Pages
        • Peer Reviews
        • Planner
        • Poll Sessions
        • PollChoices
        • Polls
        • PollSubmissions
        • Proficiency Ratings
        • Progress
        • Public JWK
        • Quiz Assignment Overrides
        • Quiz Extensions
        • Quiz IP Filters
        • Quiz Question Groups
        • Quiz Questions
        • Quiz Reports
        • Quiz Statistics
        • Quiz Submission Events
        • Quiz Submission Files
        • Quiz Submission Questions
        • Quiz Submission User List
        • Quiz Submissions
        • Quizzes
        • Result
        • Roles
        • Rubrics
        • Sandboxes
        • Score
        • Search
        • Sections
        • Services
        • Shared Brand Configs
        • SIS Import Errors
        • SIS Imports
        • SIS Integration
        • Smart Search
        • Submission Comments
        • Submissions
        • Tabs
        • Temporary Enrollment Pairings
        • User Observees
        • Users
        • What If Grades
      • Outcomes
        • Outcomes CSV Format
      • Group Categories
        • Group Categories CSV Format
      • SIS
        • SIS CSV Format
      • External Tools
        • LTI
          • Introduction
          • Registration
          • Launch Overview
          • Configuring
          • Variable Substitutions
          • Deep Linking
          • Grading
          • Provisioning
          • PostMessage
          • Platform Notification Service
          • Placements
            • Placements Overview
            • Navigation
            • Homework Submission
            • Editor Button
            • Migration Selection
            • Link Selection (Modules)
            • Assignment Selection
            • Collaborations
        • xAPI
        • Canvas Roles
        • Plagiarism Detection Platform
          • Overview
          • Plagiarism Detection Platform Assignments
          • Plagiarism Detection Platform Users
          • Plagiarism Detection Submissions
          • Webhooks Subscriptions for Plagiarism Platform
          • JWT Access Tokens
      • Data Services
        • Live Events
          • Overview
            • Introduction
            • Setup
            • Caliper
            • Metadata
          • Event Format
            • Canvas
              • Account
              • Asset
              • Assignment
              • Attachment
              • Content
              • Conversation
              • Course
              • Discussion
              • Enrollment
              • Grade
              • Group
              • Learning
              • Logged
              • Module
              • Outcome
              • Outcomes
              • Plagiarism
              • Quiz
              • Rubric
              • Sis
              • Submission
              • Syllabus
              • User
              • Wiki
            • Caliper IMS 1.1
              • Assessment
              • Basic
              • Forum
              • Grading
              • Navigation Events
              • Session
    • Catalog
      • APIs
        • Analytics
        • Bulk Enrollments
        • Catalogs
        • Certificates
        • Completed Certificates
        • Courses
        • Email Domain Set
        • Enrollments
        • Orders
        • Programs
        • Progresses
        • Tags
        • User Registrations
        • Users
        • Waitlist Applicants
    • Credentials
      • Getting Started
      • Authentication
        • Password-Based Authentication
        • Authorization Code-Based Authentication
      • Pagination
      • APIs
        • Assertions
        • Backpack
        • Badgeclasses
        • Issuers
        • Organizations
        • Users
      • Release Notes
    • Data Access Platform
      • Key Concepts
      • Data Formats
      • Rate Limits & Policies
      • Datasets
        • Namespaces
          • canvas
            • canvas types
          • canvas_logs
          • catalog
        • Additional Notes
        • Entity Relationship Diagram
      • Query API
        • Authentication
        • Reference
      • Command Line (DAP CLI)
        • Getting Started
        • Secure Connection
        • Reference
          • dap snapshot
          • dap incremental
          • dap list
          • dap schema
          • dap initdb
          • dap syncdb
          • dap dropdb
      • Client Library
        • Examples
        • Reference
      • Release Notes
      • Status
    • DataSync
      • Interop API
      • Interop Data API
      • Grades Exchange API
      • OneRoster API
      • Platform API
    • Instructure Media
      • Studio API
    • Quizzes
      • Quiz API
Powered by GitBook

Copyright © 2008-2024 Instructure, Inc. All rights reserved. Various trademarks held by their respective owners.

On this page
  • List Developer Keys
  • Create a Developer Key
  • Update a Developer Key
  • Delete a Developer Key

Was this helpful?

  1. Services
  2. Canvas LMS
  3. Resources

Developer Keys

PreviousDeveloper Key Account BindingsNextDiscussion Topics

Last updated 1 month ago

Was this helpful?

Manage Canvas API Keys, used for OAuth access to this API. See for usage of these keys. Note that DeveloperKeys are also (currently) used for LTI 1.3 registration and OIDC access, but this endpoint deals with Canvas API keys. See for details.

A DeveloperKey object looks like:

// a Canvas API key (or LTI 1.3 registration)
{
  // The Canvas ID of the DeveloperKey object
  "id": 1,
  // The display name
  "name": "Test Key",
  // Timestamp of the key's creation
  "created_at": "2025-05-30T17:09:18Z",
  // Timestamp of the key's last update
  "updated_at": "2025-05-30T17:09:18Z",
  // The state of the key
  "workflow_state": "active",
  // True if key represents an LTI 1.3 Registration. False for Canvas API keys
  "is_lti_key": false,
  // Contact email configured for key
  "email": "test@example.com",
  // URL for a small icon to display in key list
  "icon_url": "https://example.com/icon.png",
  // User-provided notes about key
  "notes": "this key is for testing",
  // User-specified code representing the vendor that uses the key
  "vendor_code": "Google",
  // The name of the account that owns the key
  "account_name": "Test Account",
  // True for all keys except Site Admin-level keys, which default to false.
  // Controls visibility in the Inherited tab.
  "visible": true,
  // List of API endpoints key is allowed to access (API keys), or LTI 1.3 scopes
  // (LTI keys)
  "scopes": ["url:GET|/api/v1/accounts"],
  // Deprecated in favor of redirect_uris. Do not use.
  "redirect_uri": "no",
  // List of URLs used during OAuth2 flow to validate given redirect URI (API
  // keys), or to redirect to after login (LTI keys)
  "redirect_uris": ["https://mytool.com/oauth2/redirect", "https://mytool.com/1_3/launch"],
  // (API keys only) The number of active access tokens associated with the key
  "access_token_count": 42,
  // (API keys only) The last time an access token for this key was used in an API
  // request
  "last_used_at": "2025-05-30T17:09:18Z",
  // (API keys only) If true, key is only usable in non-production environments
  // (test, beta). Avoids problems with beta refresh.
  "test_cluster_only": false,
  // (API keys only) If true, allows `includes` parameters in API requests that
  // match the scopes of this key
  "allow_includes": true,
  // (API keys only) If true, then token requests with this key must include
  // scopes
  "require_scopes": false,
  // (API keys only) Used in OAuth2 client credentials flow to specify the
  // audience for the access token
  "client_credentials_audience": "external",
  // (API keys only) The client secret used in the OAuth authorization_code flow.
  "api_key": "sd45fg64....",
  // (LTI keys only) The Canvas-style tool configuration for this key.
  "tool_configuration": {"type":"Lti::ToolConfiguration"},
  // (LTI keys only) The tool's public JWK in JSON format. Discouraged in favor of
  // a url hosting a JWK set.
  "public_jwk": {"e":"AQAB","etc":"etc"},
  // (LTI keys only) The tool-hosted URL containing its public JWK keyset. Canvas
  // may cache JWKs up to 5 minutes.
  "public_jwk_url": "https://mytool.com/1_3/jwks",
  // (LTI keys only) The LTI IMS Registration object for this key, if key was
  // created via Dynamic Registration.
  "lti_registration": {"type":"TODO Lti::IMS::Registration"},
  // (LTI keys only) Returns true if key was created via Dynamic Registration.
  "is_lti_registration": false,
  // Unused.
  "user_name": "",
  // Unused.
  "user_id": ""
}

GET /api/v1/accounts/:account_id/developer_keys

Scope: url:GET|/api/v1/accounts/:account_id/developer_keys

List all developer keys created in the current account.

Request Parameters:

Parameter
Type
Description

inherited

boolean

Defaults to false. If true, lists keys inherited from Site Admin (and consortium parent account, if applicable).

POST /api/v1/accounts/:account_id/developer_keys

Scope: url:POST|/api/v1/accounts/:account_id/developer_keys

Create a new Canvas API key. Creating an LTI 1.3 registration is not supported here and should be done via the LTI Registration API.

Request Parameters:

Parameter
Type
Description

developer_key

Required json

no description

developer_key[auto_expire_tokens]

boolean

Defaults to false. If true, access tokens generated by this key will expire after 1 hour.

developer_key[email]

string

Contact email for the key.

developer_key[icon_url]

string

URL for a small icon to display in key list.

developer_key[name]

string

The display name.

developer_key[notes]

string

User-provided notes about the key.

developer_key[redirect_uri]

string

Deprecated in favor of redirect_uris. Do not use.

developer_key[redirect_uris]

array

List of URLs used during OAuth2 flow to validate given redirect URI.

developer_key[vendor_code]

string

User-specified code representing the vendor that uses the key.

developer_key[visible]

boolean

Defaults to true. If false, key will not be visible in the UI.

developer_key[test_cluster_only]

boolean

Defaults to false. If true, key is only usable in non-production environments (test, beta). Avoids problems with beta refresh.

developer_key[client_credentials_audience]

string

Used in OAuth2 client credentials flow to specify the audience for the access token.

developer_key[scopes]

array

List of API endpoints key is allowed to access.

developer_key[require_scopes]

boolean

If true, then token requests with this key must include scopes.

developer_key[allow_includes]

boolean

If true, allows ‘includes` parameters in API requests that match the scopes of this key.

PUT /api/v1/developer_keys/:id

Scope: url:PUT|/api/v1/developer_keys/:id

Update an existing Canvas API key. Updating an LTI 1.3 registration is not supported here and should be done via the LTI Registration API.

Request Parameters:

Parameter
Type
Description

developer_key

Required json

no description

developer_key[auto_expire_tokens]

boolean

Defaults to false. If true, access tokens generated by this key will expire after 1 hour.

developer_key[email]

string

Contact email for the key.

developer_key[icon_url]

string

URL for a small icon to display in key list.

developer_key[name]

string

The display name.

developer_key[notes]

string

User-provided notes about the key.

developer_key[redirect_uri]

string

Deprecated in favor of redirect_uris. Do not use.

developer_key[redirect_uris]

array

List of URLs used during OAuth2 flow to validate given redirect URI.

developer_key[vendor_code]

string

User-specified code representing the vendor that uses the key.

developer_key[visible]

boolean

Defaults to true. If false, key will not be visible in the UI.

developer_key[test_cluster_only]

boolean

Defaults to false. If true, key is only usable in non-production environments (test, beta). Avoids problems with beta refresh.

developer_key[client_credentials_audience]

string

Used in OAuth2 client credentials flow to specify the audience for the access token.

developer_key[scopes]

array

List of API endpoints key is allowed to access.

developer_key[require_scopes]

boolean

If true, then token requests with this key must include scopes.

developer_key[allow_includes]

boolean

If true, allows ‘includes` parameters in API requests that match the scopes of this key.

DELETE /api/v1/developer_keys/:id

Scope: url:DELETE|/api/v1/developer_keys/:id

Delete an existing Canvas API key. Deleting an LTI 1.3 registration should be done via the LTI Registration API.


Returns a list of objects.

Returns a object.

Returns a object.

Returns a object.

This documentation is generated directly from the Canvas LMS source code, available .

the OAuth access docs
LTI Registration
DeveloperKeysController#index
DeveloperKeysController#create
DeveloperKeysController#update
DeveloperKeysController#destroy
on Github
List Developer Keys
DeveloperKey
Create a Developer Key
DeveloperKey
Update a Developer Key
DeveloperKey
Delete a Developer Key
DeveloperKey