AnsweredAssumed Answered

How can I POST to Canvas API with BizTalk using OAuth2 flow?

Question asked by Nils Persson on Jul 10, 2019
Latest reply on Aug 19, 2019 by Nils Persson

Ok, I know this is a pretty broad and generel question, but I'm all ears for any experiences with integrating to the Canvas API using BizTalk.


Let me explain where I'm at right now and what I want to do.


I'm trying to integrate my organization's student and employee catalogue with Canvas so that we won't have to manually import the CSV file containing new people. The way I've done it is that I've set up a BizTalk application which receives the exact same CSV file that we would normally upload to Canvas. BizTalk then uses the WCF-WebHttp adapter to POST the file to the Canvas API (/api/v1/accounts/1/sis_imports). This part works, but to make a POST I obviously need to give BizTalk authorization. Right now I've simply generated a token under Approved integrations on my personal account's settings page in Canvas and added that to the message headers in the WCF-WebHttp adapter in BizTalk. This is fine right now as I'm still only working in our Test environment, but when we go into production with this integration I'm not too keen on using a static token that I've just copy-pasted into BizTalk.


Which brings me back to my question. How can I make this POST with BizTalk without relying on a static token? I've been trying to figure this out for a day now and I've read in the Canvas documentaion about the OAuth2 flow and Developer keys. As I'm new to both BizTalk and REST APIs this is a bit daunting for me and I'm having trouble understanding what is what.


For example, when creating a Developer key I need to provide some settings among which are Key name, Redirect URIs, Redirect URI (Legacy) and Vendor code (LTI 2). Key name - this is just a name for the key, right, and not an ID? And these Redirect URIs - I'm having trouble understanding their function and what to provide. Vendor code feels very abstract to me as well. I've read this guide, but I'm having a hard time understanding the context. Like, what is the client ID and secret. I'm guessing the secret are the actual tokens that are supposed to be generated by the Developer key, but what is the client ID reffering to? Any pointers as to how to simplify this a bit would be appreciated.


And as for the BizTalk aspect of this whole thing - I'm pretty sure I'm going to have to create my own endpoint behavior for the WCF-WebHttp adapter and write some endpoint behavior extension as well, but in order to even begin to think about that I need to understand the basics and it's just really hard for me.


So, if anyone has done something like this or in any way related, please share your knowledge!