Enforcing scopes is not required to use Qwickly Attendance with Canvas.
By default, Qwickly Attendance will function correctly without enabling Enforce Scopes on the Canvas Developer Key. Most institutions can complete their integration without modifying scope settings.
Some institutions choose to enforce scopes as part of their internal security policies. If your institution has enabled Enforce Scopes, you must ensure that the Qwickly Attendance Developer Key includes all required permissions. Without the required scopes, users may encounter an “invalid_scope” error when launching the application.
How Do I Know if Scopes are Enforced?
In Canvas, navigate to Admin > Developer Keys > Qwickly Attendance API Key > pencil icon to edit. If scopes are enabled, you will see the 'Enforce Scopes' slider toggled on:
Important Note: If you are using a developer key with scopes enforced, please make sure to check the box labeled "Allow Include Parameters"
Required Permissions
If your institution enforces scopes, the following permissions must be enabled in the Qwickly Attendance Developer Key:
Accounts
- Scope: url:GET|/api/v1/accounts/:account_id/sub_accounts
- Description: List accounts that are sub-accounts of the given account.
- Scope: url:GET|/api/v1/accounts/:account_id/courses
- Description: Retrieve a paginated list of courses in this account.
Users
- Scope: url:GET|/api/v1/users/:id
- Description: Shows details for a specified user.
- Scope: url:GET|/api/v1/users/:user_id/profile
- Description: Returns user profile data, including user ID, name, and avatar image url
Admins
- Scope: url:GET|/api/v1/accounts/:account_id/admins
- Description: A paginated list of the admins in the account.
Grade Change Log
- Scope: url:GET|/api/v1/audit/grade_change/courses/:course_id
- Description: List grade change events for a given course.
Courses
- Scope: url:GET|/api/v1/courses/:id
- Description: Return Information on a single course.
- Scope: url:GET|/api/v1/courses/:course_id/users
- Description: Returns a paginated list of users in a course.
Roles
- Scope: url:GET|/api/v1/accounts/:account_id/roles
- Description: A paginated list of the roles available to an account.
Enrollments
- Scope: url:GET|/api/v1/courses/:course_id/enrollments
- Description: Returns a paginated list of all of the enrollments in a course.
Groups
- Scope: url:GET|/api/v1/courses/:course_id/groups
- Description: Returns the paginated list of active groups in the given context that are visible to user.
- Scope: url:GET|/api/v1/groups/:group_id/users
- Description: Returns a paginated list of users in the group.
Sections
- Scope: url:GET|/api/v1/courses/:course_id/sections
- Description: A paginated list of the list of sections for this course.
Assignments
- Scope: url:GET|/api/v1/courses/:course_id/assignments
- Description: Returns the paginated list of assignments for the current course or assignment group.
- Scope: url:GET|/api/v1/courses/:course_id/assignments/:id
- Description: Returns the assignment with the given id.
- Scope: url:POST|/api/v1/courses/:course_id/assignments
- Description: Create a new assignment for this course. The assignment is created in the active state.
- Scope: url:PUT|/api/v1/courses/:course_id/assignments/:id
- Description: Modify an existing assignment.
- Scope: url:DELETE|/api/v1/courses/:course_id/assignments/:id
- Description: Delete the given assignment.
Submissions
- Scope: url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/submissions
- Description: Returns a paginated list of all existing submissions for an assignment.
- Scope: url:PUT|/api/v1/courses/:course_id/assignments/:assignment_id/submissions/:user_id
- Description: Comment on and/or update the grading for a student's assignment submission. If any submission or rubric_assessment arguments are provided, the user must have permission to manage grades in the appropriate context (course or section).
Discussion Topics
- Scope: url:GET|/api/v1/courses/:course_id/discussion_topics
- Description: Returns the paginated list of discussion topics for this course or group.
- Scope: url:GET|/api/v1/courses/:course_id/discussion_topics/:topic_id/entries
- Description: Retrieve the (paginated) top-level entries in a discussion topic.
Quizzes
- Scope: url:GET|/api/v1/courses/:course_id/quizzes
- Description: Returns the paginated list of Quizzes in this course.
Quiz Submissions
- Scope: url:GET|/api/v1/courses/:course_id/quizzes/:quiz_id/submissions
- Description: Get a list of all submissions for this quiz. Users who can view or manage grades for a course will have submissions from multiple users returned. A user who can only submit will have only their own submissions returned. When a user has an in-progress submission, only that submission is returned. When there isn’t an in-progress quiz_submission, all completed submissions, including previous attempts, are returned.
Additionally, users of the Qwickly Attendance Student Mobile App should also enforce the following scope:
Courses
- Scope: url:GET|/api/v1/users/:user_id/courses
- Description: Returns a paginated list of courses for the given student.
Troubleshooting: “invalid_scope” Error
If your institution enforces LTI scope restrictions and one or more required scopes are not enabled, you may encounter an “invalid_scope” error when launching the application.
This error indicates that Canvas has not granted all of the permissions required for the integration to function properly.
Example error message:
How to resolve this issue
Review the error message displayed on the page.
Locate the underlined scope URL (for example:
url:GET|/api/v1/accounts/:account_id/courses).This URL identifies the specific permission that is missing.
-
Update your LTI Developer Key or integration settings in Canvas to include the missing scope:
Log in to Canvas as an administrator.
Navigate to Admin → Developer Keys.
Locate the Developer Key used for the Qwickly Attendance integration.
Select Edit Key.
Under the Scopes section, ensure the missing scope shown in the error message is enabled.
Save the changes.
Relaunch the Qwickly Attendance tool.
Save your changes and relaunch the application.
Additional notes
The underlined scope URL provides precise information about which permission must be enabled.
Your Canvas administrator may need to update these settings if you do not have access.
If you are unsure how to update scopes, please contact your Canvas administrator or your Qwickly support representative.
Comments
0 comments
Article is closed for comments.