I am currently an Account Admin for our school's instance of Canvas, and I was wondering if there was a way that I could pull/audit communication made by a user in our instance of Canvas? I tried using some of the APIs listed in the Canvas Help Docs, but it says I am not authorized to pull the communication, or the API only pulls my conversations.
Any ideas on if pulling/auditing another user's conversations is possible?
Example API :
GET api/v1/conversations (which only gives me my own conversations, not another user's).
I appreciate the help as always.
Solved! Go to Solution.
What I usually do is masquerade as the user, go to their inbox, and filter by sent. Typically I don't even need to go that far if the "concern" was shared soon enough after the misdeed, I just scroll down the inbox, and look for the student's name.
Now, the API call is a great tool for collecting the evidence for use by the school, but is not always necessary. Often, one the student is presented with the fact that there is evidence with date/time stamps, they own up and everybody moves on. However, sometimes disciplinary decisions are challenged, so then I would use an API call to collect the evidence in a sharable format.
I am assuming some sort of infraction of the rules here, but it could be to document that communication occurred between student and faculty or the reverse to support or deny a grading dispute. Typically we never need to go so far as an API call.
@kmeeusen , one thing to watch out for is that the Inbox isn't always 100% accurate when you masquerade as someone. We've had it happen a number of times where what we see when masquerading is not accurate and doesn't match what shows up when the actual person logs into their Canvas Inbox. We reported this to support and they said the only way to be completely sure you're seeing an accurate view of the Inbox for someone is to log in as that person (not masquerade). What we've started doing is creating an alternate login for the person, then login as them to check the Inbox, then we go back and remove the alternate login information from the system.
What we noticed is that entire conversations were missing. Which is pretty crucial when we're trying to confirm that a message was read/sent.
It's never 100% - totally hit and miss - but seemed to pop up when we really needed it to be accurate. You know, like when campus security is involved...