Authentication
How to obtain and use the Access Token (JWT)
Last updated
Was this helpful?
How to obtain and use the Access Token (JWT)
Last updated
Was this helpful?
If you are an Institution: make sure that you have generated your ClientID and Secret for institutional use on the Identity Service page.
If you are a Partner of Instructure: make sure that you have received your ClientID and Secret from your Institution.
Keep your ClientID and Secret in a safe place! Do not share with anyone else!
Using the ClientID and Secret you are ready to request for an access token
. The access token
is a JSON Web Token, that grants access to the targeted Instructure service. This is a short lived token, it needs to be renewed periodically. Typically expires in one hour.
The following code snippet uses curl
to send the request and jq
to extract the access token
from the answer:
Once you received the access token
you can call the desired service. The example below will demonstrate this by querying the list of table names that exist in Canvas using the CD2 service. The access token
shall be passed as a bearer token in the Authorization header:
Upon success the call returns with a list of table names available Canvas.
x-instauth
Header ParameterThe use of x-instauth
header parameter to pass the access token
is considered deprecated. Instead use the Authorization
header parameter as shown above. In case both header parameters are filled (x-instauth
and Authorization
), Authorization
will take precedence.
Due to compatibility reasons x-instauth
will be still supported for a while, but all clients are encouraged to switch to the new header value as soon as possible.
Issues a JSON Web Token (JWT) to be used in subsequent to API calls.
The received JWT (see access_token
property in the Responses section)
needs to be passed in the header of every upcoming service call as a
Bearer token.
Note that this is a short lived token, it needs to be renewed periodically. Typically expires in one hour.
/ids/auth/login