cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
meanspa
Community Participant

Developer Key vs Client ID/Secret

Jump to solution

I'm new to Oauth2 and just trying to get a clear idea of its implementation with Canvas. In the Oath2 documentation page it says the following:

Getting OAuth2 Client ID/Secret
...Performing the OAuth2 token request flow requires an application client ID and client secret. To obtain these application credentials, you will need to register your application. The client secret should never be shared.

For Canvas Cloud (hosted by Instructure), developer keys are issued by the admin of the institution.

I'm confused by the relationship between Developer Keys and Client ID's/Secrets. Based on this page, it sounds like Developer Keys are a combination of the Client ID and Secret(?). However, for the rest of the Oath2 page it refers to the Client ID and Client Secret as separate things, and they're used separately. How is the Developer Key suppose to be used after you get it?

Thanks!

1 Solution

Accepted Solutions
pklove
Community Champion

OAuth2 client_id = Developer Key ID (eg, 12345678)


OAuth2 client_secret = Developer Key Key (eg, asdffsadfsdafsdsdfsdfsdfEAFEAefaFAEFaeFARGtrHGRtHrtHrtHrthRThrtH)

View solution in original post

3 Replies
pklove
Community Champion

OAuth2 client_id = Developer Key ID (eg, 12345678)


OAuth2 client_secret = Developer Key Key (eg, asdffsadfsdafsdsdfsdfsdfEAFEAefaFAEFaeFARGtrHGRtHrtHrtHrthRThrtH)

View solution in original post

meanspa
Community Participant

Hi Peter. Very helpful, thanks! Also within Canvas, in Admin/Developer Keys, do you know if the Developer Key ID is the number that's initially displayed under "Details" (see screenshot)?

318135_pastedImage_1.png

Thanks!

pklove
Community Champion

Yes, the 1002.... number is the key ID (= client_id) and the "Show Key" gives you the client_secret.