Community help

DanielLim · ‎07-26-2023

Some of our Canvas teachers want to know what grade level their students are. Because I don't know of any place to store this data I started adding this data through the /v1/users/{user_id}/custom_data API endpoint. Now I can access student grade levels through the 'People' interface and the 'Gradebook' interface in a particular course.

The problem is I can only seem to access this data as an ADMIN. When teachers try to access this data it seems they don't have the privileges to run the code I've written to access the API endpoint.

Is there any work around for this?

melodyc_lam · ‎07-28-2023

Hey @DanielLim without your code we won't be able to help much, but according to the API endpoint documentation here you have to be an account admin with the "manage users" permission.

I'm assuming you're using the custom JS to call the custom_data endpoint, correct? If so, you could try potentially writing an external script (like in Google App Script) that would remotely do the call for you and return the data, then the rest of the code in your custom JS would process it and present it to the user in the UI. If you try this route, you want to be careful NOT to expose your API key that will be making the call on your behalf.

Hope this (can) help!

View solution in original post

melodyc_lam · ‎07-28-2023

Hey @DanielLim without your code we won't be able to help much, but according to the API endpoint documentation here you have to be an account admin with the "manage users" permission.

I'm assuming you're using the custom JS to call the custom_data endpoint, correct? If so, you could try potentially writing an external script (like in Google App Script) that would remotely do the call for you and return the data, then the rest of the code in your custom JS would process it and present it to the user in the UI. If you try this route, you want to be careful NOT to expose your API key that will be making the call on your behalf.

Hope this (can) help!

dtod · ‎07-28-2023

It would be insanely useful if users had permission to their own custom data.

DanielLim · ‎07-28-2023

@melodyc_lam - Thank you!

I have no familiarity with Google App Scripts. I just started looking into this and successfully created an app that accesses the relevant Canvas API. I stored the API Key as Script Property so that I don't explicitly use the API Key in the script itself. Do you think this is secure enough? Any advice on this?

My worry with this overall approach, however, is that I still need a secure way of accessing my Google App Script - presumably through another API Key? If so, why not simply do an API call to custom_data using my Canvas API Key?

@dtod users have access to their own custom_data. Outside of this I think only admins have access to that data. Would be nice in certain cases if teachers could have access student custom_data - that's the problem I'm encountering now.

melodyc_lam · ‎07-28-2023

@DanielLim Check out the doGet and doPost methods here: https://developers.google.com/apps-script/guides/web

You could always do a check for whether or not the user has the correct role by doing a doPost(e) method and then return from the doPost the relevant data needed.

A script property is the best way to do it in a Google App Script.

You don't want to expose your key in the custom JS that is in your Canvas instance. You can find a plain text version of your Canvas custom JS if you go into the developer console and look at the folders. 🙂

DanielLim · ‎07-28-2023

@melodyc_lam Thank you - I will look into this!

dtod · ‎07-31-2023

That's perhaps what I was misremembering. I wanted to add custom data to students that a teacher could read, and couldn't.

jsimon3 · ‎08-07-2023

we use the custom_column in gradebook to push custom_data so teachers can view info such as accommodations

custom_data access

API access

custom_data

Integrate a React App (Not Canvas) to be Canvas LM...

Donot have valid data to test certain APIs

Getting Canvas LTI Data

Prevent Faculty From Using "EX" grade in Gradebook

Can you using "People" Lists to display Observed U...

UI for weekly progression idea

Is the ‘Enable self assessment’ field available in...

Canvas Rubrics API Criteria

api/v1/courses/sis_course_id:{id#}/sections - Not ...

add `desc` or `asc` to a few api calls that are al...

You're signed out

custom_data access

Community help

View our top guides and resources: