Requesting API Access Tokens

Canvas API Access

API (Application Programming Interface) tokens provide third-party applications with access to user data and content within Canvas. Caltech-approved tools – such as Zoom – that meet security, privacy, and FERPA standards are integrated with Canvas and generate tokens automatically. We recommend you review these periodically in your Canvas settings and delete those that are no longer needed by clicking on the trashcan.

Canvas API tokens, however, are manually generated, as they allow programmatic interaction with Canvas while drawing on the same role and permissions that the user normally holds.

An API access token functions as the equivalent of your username and password, as it grants full access to your Canvas data and resources, and extreme care should be taken to handle these tokens and transactions securely.

Sharing your API token with unauthorized third parties can result in serious security breaches. If you are ever asked to do so, have lost track of it, or believe your token has been compromised, please email [email protected] immediately.

Caltech allows faculty and students to request tokens via the Canvas API Token Portal, available under Self Service at https://access.caltech.edu/. If you require a token for a legitimate academic purpose but do not see the token portal in your access.caltech account, please email [email protected] for assistance.