cancel
Showing results for 
Search instead for 
Did you mean: 
hzelada
Community Member

How login Canvas from my .net application?

Hello,

I have a .net mvc application and inside this I have a link for the Canvas login. The credentials to login in my application are the same to login in Canvas.

I need; After logging into my .net application and clicking on the link to Canvas, the session in Canvas should already start and not log in again as it is doing now.

I tried using OAuth2 according to the Canvas documentation.https://canvas.instructure.com/doc/api/file.oauth.html

First I set up a new developer key, then I tried putting the url in the browser to see the answer, but I get the following error: Neither do I know if I am sending the correct values in the url.

developer key

GET: https://domain.instructure.com/login/oauth2/auth?client_id=XXX&response_type=code&redirect_uri=https...

Response: https://my.netmvc.app/?error=unauthorized_client&error_description=Client+does+not+have+access+to+th....

I do not know what I'm doing wrong or what I need to configure.

On the other hand, searching I found a .net toolkit from Onelogin but I do not know how to use it, this indicates that I have to change some parameters but I do not know exactly what values they put in them. This is the toolkit that I found https://developers.onelogin.com/saml/c-and-aspnet

As you can see I do not know about the subject, I investigated but I could not find a solution. If someone could help me explaining, giving me examples or the correct way to implement this, I would greatly appreciate it.

Apologies for the bad English and thanks in advance.

0 Kudos
1 Reply
pklove
Community Champion

You cannot simply log the user into Canvas.

You could use the OAuth flow to get an access and refresh tokens.  This will require the user to authorise your application via the browser.  Once you have the access token, you can generate an URL that will log them into Canvas, and optionally send them to a specific page (OAuth2 Endpoints - Canvas LMS REST API Documentation ).

If you store the user/refresh token, your application could then log them in the future without going through the OAuth flow again.