Community Member

User avatar based from institution-hosted photo service

An option for configuring user avatars provided by a remote web service should be made available. ID photos are provided to other SaaS solutions in use by our institution through a web service hosted here. The web service allows ID photos to be retrieved using the student ID number and a hashed value. The hash is composed based off of the student ID and a secret shared between the institution and the vendor. 

A URL could look like the following:

The student ID of 910000000 is presented as the filename, with an optional .jpg extension. The hashed value of "FBB37AEB83C86A52AD29551DD2A6212370A358A7" could be calculated like so:

SELECT standard_hash('910000000' || 'CanvasLMSisGreat', 'SHA1') FROM dual;

Where "CanvasLMSisGreat" is the secret value shared between both parties. 

The hashed value asserts that the caller (in this case, Canvas) has the right to retrieve the photo for student 910000000. It also prevents others from iterating over the student ID and retrieving all the photos for the institution. 

URLs with this pattern could then be provided via feed/API or generated by Canvas to then display the individual's ID photograph at the institution.

Labels (1)
2 Replies
Community Member

For a live example, my current avatar on Canvas Community is using the photo service at my institution.

0 Kudos
Community Team
Community Team


It looks like you may be seeking to accomplish the same thing as another user but with a different program?  You may be able to compare notes and develop a solution?

Check it out at Setting User Avatars Powershell - Canvas Community