Has anyone used Angular JS to connect with the API directly and create a view/report?
I would definitely go the Angular/Python route. Security should be the priority. While both server-side and client-side can be hacked, there is a big difference between someone getting access to your session cookie as opposed to gaining access to the OAuth token you are using. Here are some differences as I understand them:
Hijacking a session cookie:
Getting access to an OAuth token:
Ismael, I've shared your question with the Canvas Developers group, whose users might have specific experience with this.
I am also fully willing to admit that there could be a way to do this securely that I am not aware of and would be happy if someone could prove me wrong so I can learn something new.
That's insightful. It is definitely possible to do the calls with angularJS but the question is about security.
Another developer mentioned that both can potentially be hacked into (whether server-side or client-side script) as a hacker could hijack a server session cookie as well.
I will most likely end up have the API calls with OAuth done using python and have Angular call the python scripts
Retrieving data ...