Developer Keys

// a Canvas API key (or LTI 1.3 registration)
{
  // The Canvas ID of the DeveloperKey object
  "id": 1,
  // The display name
  "name": "Test Key",
  // Timestamp of the key's creation
  "created_at": "2025-05-30T17:09:18Z",
  // Timestamp of the key's last update
  "updated_at": "2025-05-30T17:09:18Z",
  // The state of the key
  "workflow_state": "active",
  // True if key represents an LTI 1.3 Registration. False for Canvas API keys
  "is_lti_key": false,
  // Contact email configured for key
  "email": "[email protected]",
  // URL for a small icon to display in key list
  "icon_url": "https://example.com/icon.png",
  // User-provided notes about key
  "notes": "this key is for testing",
  // User-specified code representing the vendor that uses the key
  "vendor_code": "Google",
  // The name of the account that owns the key
  "account_name": "Test Account",
  // True for all keys except Site Admin-level keys, which default to false.
  // Controls visibility in the Inherited tab.
  "visible": true,
  // List of API endpoints key is allowed to access (API keys), or LTI 1.3 scopes
  // (LTI keys)
  "scopes": ["url:GET|/api/v1/accounts"],
  // Deprecated in favor of redirect_uris. Do not use.
  "redirect_uri": "no",
  // List of URLs used during OAuth2 flow to validate given redirect URI (API
  // keys), or to redirect to after login (LTI keys)
  "redirect_uris": ["https://mytool.com/oauth2/redirect", "https://mytool.com/1_3/launch"],
  // (API keys only) The number of active access tokens associated with the key
  "access_token_count": 42,
  // (API keys only) The last time an access token for this key was used in an API
  // request
  "last_used_at": "2025-05-30T17:09:18Z",
  // (API keys only) If true, key is only usable in non-production environments
  // (test, beta). Avoids problems with beta refresh.
  "test_cluster_only": false,
  // (API keys only) If true, allows `includes` parameters in API requests that
  // match the scopes of this key
  "allow_includes": true,
  // (API keys only) If true, then token requests with this key must include
  // scopes
  "require_scopes": false,
  // (API keys only) Used in OAuth2 client credentials flow to specify the
  // audience for the access token
  "client_credentials_audience": "external",
  // (API keys only) The client secret used in the OAuth authorization_code flow.
  "api_key": "sd45fg64....",
  // (LTI keys only) The Canvas-style tool configuration for this key.
  "tool_configuration": {"type":"Lti::ToolConfiguration"},
  // (LTI keys only) The tool's public JWK in JSON format. Discouraged in favor of
  // a url hosting a JWK set.
  "public_jwk": {"e":"AQAB","etc":"etc"},
  // (LTI keys only) The tool-hosted URL containing its public JWK keyset. Canvas
  // may cache JWKs up to 5 minutes.
  "public_jwk_url": "https://mytool.com/1_3/jwks",
  // (LTI keys only) The LTI IMS Registration object for this key, if key was
  // created via Dynamic Registration.
  "lti_registration": {"type":"TODO Lti::IMS::Registration"},
  // (LTI keys only) Returns true if key was created via Dynamic Registration.
  "is_lti_registration": false,
  // Unused.
  "user_name": "",
  // Unused.
  "user_id": "",
  // Correlates an API key to a product configuration.
  "unified_tool_id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8"
}