JWTs API
Short term tokens useful for talking to other services in the Canvas Ecosystem. Note: JWTs have no value or use directly against the Canvas API, and expire after one hour
A JWT object looks like:
{
// The signed, encrypted, base64 encoded JWT
"token": "ZXlKaGJHY2lPaUprYVhJaUxDSmxibU1pT2lKQk1qVTJSME5OSW4wLi5QbnAzS1QzLUJkZ3lQZHgtLm5JT0pOV01iZmdtQ0g3WWtybjhLeHlMbW13cl9yZExXTXF3Y0IwbXkzZDd3V1NDd0JYQkV0UTRtTVNJSVRrX0FJcG0zSU1DeThMcW5NdzA0ckdHVTkweDB3MmNJbjdHeWxOUXdveU5ZZ3UwOEN4TkZteUpCeW5FVktrdU05QlRyZXZ3Y1ZTN2hvaC1WZHRqM19PR3duRm5yUVgwSFhFVFc4R28tUGxoQVUtUnhKT0pNakx1OUxYd2NDUzZsaW9ZMno5NVU3T0hLSGNpaDBmSGVjN2FzekVJT3g4NExUeHlReGxYU3BtbFZ5LVNuYWdfbVJUeU5yNHNsMmlDWFcwSzZCNDhpWHJ1clJVVm1LUkVlVTl4ZVVJcTJPaWNpSHpfemJ0X3FrMjhkdzRyajZXRnBHSlZPNWcwTlUzVHlSWk5qdHg1S2NrTjVSQjZ1X2FzWTBScjhTY2VhNFk3Y2JFX01wcm54cFZTNDFIekVVSVRNdzVMTk1GLVpQZy52LVVDTkVJYk8zQ09EVEhPRnFXLUFR"
}
Create JWT JwtsController#create
POST /api/v1/jwts
url:POST|/api/v1/jwts
Create a unique jwt for using with other Canvas services
Generates a different JWT each time it’s called, each one expires after a short window (1 hour)
Request Parameters:
Parameter | Type | Description | |
---|---|---|---|
workflows[] | string |
Adds additional data to the JWT to be used by the consuming service workflow |
|
context_type | string |
The type of the context in case a specified workflow uses it to consuming the service. Case insensitive.
Allowed values: |
|
context_id | integer |
The id of the context in case a specified workflow uses it to consuming the service. |
|
context_uuid | string |
The uuid of the context in case a specified workflow uses it to consuming the service. |
|
canvas_audience | boolean |
Defaults to true. If false, the JWT will be signed, but not encrypted, for use in downstream services. The default encrypted behaviour can be used to talk to canvas itself. |
Example Request:
curl 'https://<canvas>/api/v1/jwts' \
-X POST \
-H "Accept: application/json" \
-H 'Authorization: Bearer <token>'
Refresh JWT JwtsController#refresh
POST /api/v1/jwts/refresh
url:POST|/api/v1/jwts/refresh
Refresh a JWT for use with other canvas services
Generates a different JWT each time it’s called, each one expires after a short window (1 hour).
Request Parameters:
Parameter | Type | Description | |
---|---|---|---|
jwt | Required | string |
An existing JWT token to be refreshed. The new token will have the same context and workflows as the existing token. |
Example Request:
curl 'https://<canvas>/api/v1/jwts/refresh' \
-X POST \
-H "Accept: application/json" \
-H 'Authorization: Bearer <token>'
-d 'jwt=<jwt>'