I am developing a single page app which will display the calendar information of each student.
I prefer that the student does not need to login to Canvas first (go through the OAuth2 flow).
I am able to proxy the Canvas API request through a secure server which contains the developer key client id and secret.
Due to API Rate Limiting, I would like to generate an access token for the specific user the request is for.
In the following document, it mentions something about programmatically generating the token
However I could not find how to do it in the OAuth2 API documentation
I understand the client_credentials flow is usually for machine to machine. Is there a way to use this for API (non LTI) requests and be limited to a specific user?