To Our Amazing Educators Everywhere,
Happy Teacher Appreciation Week!
Upcoming Canvas Changes
2024-10-19
- Removal of Legacy Account Analytics
For more information, please see Upcoming Canvas Changes.
In this Canvas release (21 September), when adding an API Key, New Quizzes endpoints are available in token scopes for admin. Canvas’ Admin Analytics and Course Analytics features migration completion to the Data Access Platform (DAP) is extended.
All Resources | Features in this release may be included in product blogs and other content areas. For all related links, view the 2024-09-21 Community tag.
- Institutions are responsible for conducting thorough evaluations of their custom CSS/JS with each release and deploy to assess potential impacts.
- Subscribe to the Canvas release notes to be notified of updates.
- For general questions related to this release, see the Canvas Release Notes FAQ
- Looking to discuss the features in the Release Notes? Post a reply in the Features Q&A: Canvas Release Notes (2024-09-21)
Table of Contents
- Upcoming Canvas Changes
- 2024-10-19
- Updated Features
- Developer Keys
- New Quizzes endpoints in Token Scopes
- Other Updates
- Analytics
- Admin Analytics and Course Analytics migration to Data Access Platform (DAP)
- Feature Options
- Authentication
- Canvas Authentication Provider Password Options
- Settings
- Limiting Access Token Generation
Updated Features
Developer Keys
New Quizzes endpoints in Token Scopes
Admin
|
Beta Environment Availability |
2024-08-19 |
|
Production Environment Availability |
2024-09-21 |
|
Location to Enable Feature |
None |
|
Name of LTI Tool |
None |
|
Permissions |
Developer Keys-manage |
|
Related APIs |
|
|
Affects User Interface |
Yes |
|
Affected Areas |
API Developer Keys |
|
Related Ideas |
None |
Summary
When adding an API Key, New Quizzes endpoints are available in token scopes for admin.
Change Benefit
This update allows admins to limit the access of an API token to the selected scoped endpoints.
Feature Workflow
API Developer Key New Quiz Endpoints
New Quizzes endpoints are accessible within the token scopes for Admin when adding an API Key.
Feature Video
Other Updates
Analytics
Admin Analytics and Course Analytics migration to Data Access Platform (DAP)
Admin
|
Beta Environment Availability |
Beta availability will be gradually rolled out to users as it becomes available in production. |
|
Production Environment Availability |
Production availability will be gradually rolled out to users over the course of September. |
|
Location to Enable Feature |
Contact your Customer Support Manager |
|
Name of LTI Tool |
None |
|
Permissions |
Inherent to user |
|
Related APIs |
None |
|
Affects User Interface |
No |
|
Affected Area |
Admin Analytics, Course Analytics |
|
Related Ideas |
None |
|
Previous Feature Mention |
Summary
Canvas’ Admin Analytics and Course Analytics features migration completion to the Data Access Platform (DAP) is extended through Sept 30th. This migration will be gradually rolled out to users over the course of September.
Change Benefit
This transition offers increased load schedule frequency (every 8 hours instead of the current 24-48 refresh), ensures consistency in metrics with other data products across Canvas, and improves data quality and availability.
Feature Video
Feature Options
Feature options allow institutions to enable newly developed Canvas functionality according to their preferred time frame. Unless otherwise noted, all feature options are opt-in and do not require any action by a Canvas admin until a feature's enforcement date is announced. For a complete list of feature options, please see Canvas LMS Feature Options.
A feature preview label indicates a feature option in active development, which is being built directly through user feedback. Feature previews deploy updates outside the regular Canvas release schedule and are posted in the Related Releases section in Canvas Releases & Deploys.
Please reference the table below each feature heading for specific feature information. For general information about feature options, please see the Canvas Release Notes FAQ.
Authentication
Canvas Authentication Provider Password Options
Admin
|
Feature Option Name to Enable |
Enhance Password Options |
|
Enable Feature Option Location & Default Status |
Account (Disabled/Unlocked) |
|
Beta Environment Availability |
2024-09-11 |
|
Production Environment Availability |
2024-09-21 |
|
Subaccount Configuration |
No |
|
Permissions |
Account Level Settings-Manage |
|
Affects User Interface |
Yes |
|
Affected Areas |
Authentication |
|
Mobile App Support |
Not available |
|
Free-for-Teacher Availability |
Not available |
|
Feature Option State |
Production-ready |
|
Related Ideas |
None |
|
Related Blog |
Adding Password Options to the Canvas Authentication Provider |
Summary
On the Authentication page, admins can customize passwords for Canvas authentication providers when the Enhance Password Options feature is enabled.
Change Benefit
This feature enables admins to more effectively align Canvas usernames and passwords with institutional policy requirements.
Feature Workflow
Password Options Tray
When the Enhance Password Options feature option is enabled, click the View Options button [1] on the Authentication page. Then, select the desired password options from the Password Options tray [2]. After selecting options, admins can preview the text box that users see when setting a new password [3].
Authentication Page Save Button
Once the desired password options are saved, click the Save button on the Authentication page.
Additional Details
At the time of the initial release, there are some known limitations:
- Users with existing passwords that do not comply with updated policies cannot be prompted to update their passwords.
- Passwords in Canvas are cryptographically hashed and not stored in plain text, making it impossible to identify password violations.
- Administrators setting passwords on behalf of another user may not currently be required to follow the password policy, depending on configuration options.
- This functionality may not be enabled for your institution. It is an account setting that can only be activated by Instructure.
- SIS imports of passwords may not currently be required to comply with the password policy.
- SIS import errors may or may not occur after an SIS import, depending on configuration settings.
- If an institution is uploading passwords via SIS import, it is recommended to validate that the passwords meet the configured policies before uploading.
Feature Video
Settings
Limiting Access Token Generation
Admin
|
Feature Option Name to Enable |
Admin Manage Access Tokens |
|
Enable Feature Option Location & Default Status |
Account (Disabled/Unlocked) |
|
Beta Environment Availability |
2024-09-11 |
|
Production Environment Availability |
2024-09-21 |
|
Subaccount Configuration |
No |
|
Permissions |
Users-manage Access Tokens |
|
Affects User Interface |
Yes |
|
Affected Areas |
Account Settings, User Settings |
|
Mobile App Support |
Not available |
|
Free-for-Teacher Availability |
Not available |
|
Feature Option State |
Production-ready |
|
Related Ideas |
|
|
Related Blog |
Summary
Admins can limit the generation of access tokens with the Admin Manage Access token feature option, Limit personal access token creation to admins account setting and the Users-Manage Access Token admin permission.
Change Benefit
This feature benefits users by enhancing security and control over access tokens. By limiting token generation to admins, it reduces the risk of unauthorized token creation, helping to prevent potential misuse or security breaches.
Feature Workflow
Admin Manage Access Tokens Feature Option
The Admin Manage Access Tokens feature option is available and disabled by default.
Limit Personal Access Token Creation to Admins Account Setting
When the Admin Manage Access Token feature option is enabled, the Limit personal access token creation to Admins setting displays in Account Settings. When enabled, this allows only admin with the Users-Manage Access Token permission to generate access tokens.
Users Manage Access Token Permission
The Users- Manage Access Tokens permission allows admins to create/update and delete access tokens. This permission is enabled but default.
Disabled Add New Access Token Button
When users do not have the Users-Manage Access Tokens permission, the Add New Access Token button is disabled.
Note: Existing personal tokens are not removed, but unauthorized users are unable to regenerate them.
Token Pending Status
If an admin has both the Users - Manage Access Tokens permission and the Users - act as permission, they can masquerade as a user to generate a token on the user's behalf. This updates the status as Pending to prevent unauthorized token generation without the user’s knowledge.The access token should then be securely shared with the user by the admin. Additionally, an admin can masquerade as a user to delete that user's existing access tokens and regenerate tokens.
Notes:
- Regenerating an existing access token on behalf of a user will place the token in a pending state, similar to newly generated tokens. The user must activate the token before it can be used. The access token should be securely shared with the user by the admin.
- Tokens generated by an admin on behalf of a user will remain in a pending state until the user navigates to their user settings and activates the token.
- Users will receive an email notification if an access token has been generated on their behalf.
Token Status Activate Link
When an admin generates a token on behalf of a user, the user must click the Activate link. This will change the status to Pending (Activating). Afterward, the user should refresh the screen to see the updated status as Active.
Feature Video
Change Log
2024-09-05
Added Authentication: Canvas Authentication Provider Password Options and Settings: Limiting Access Token Generation
2024-09-05
Published
2024-08-21
Published
