Canvas - Enabled Application Configurations [UW-Madison]
This document lists the integrations currently enabled in UW-Madison's version of Canvas
Integrated Applications Available for Use
Canvas App Center & Adding Additional Applications
All Canvas courses contain the App Center, which allows instructors to install whitelisted LTI apps in their course. Users can follow the "How do I add an External App in my course?" guide.The Canvas App Center defines the following levels of privacy:
- Anonymous: No identifying information about the user will be sent to the vendor.
- Email Only: The user's email is the only identifying information sent to the vendor.
- Name Only: The user's name is the only identifying information sent to the vendor.
- Public: Various identifying information (name, email, Canvas ID, SIS ID of the course, SIS ID of user, etc.) is sent to the vendor.
Source: How do I manually configure an external app for an account?
Approval Process Based On Levels of Risk
The level of risk associated with various LMS integrations varies depending on two factors:
- They type of data transmitted from the LMS to the integrated application
- The technology used to integrate the application into the LMS
We define four levels of risk based on these factors:
Level 1 - Anonymous - External LMS Integrations
Those apps in the App Center which are listed as “anonymous” will be whitelisted by default. Other integrations determined to be “anonymous” by LMS developers and administrators may also be whitelisted.
Level 2 - Non Anonymous - External LMS Integrations
First, it's important to keep in mind that student, faculty, and course data can be put at risk if shared with non-UW-Madison entities, such as third-party vendors. Therefore, the UW-Madison CIO's Office requires that all integrations meet guidelines for privacy, intellectual property, security and records retention. Interested users should review the the following KB External LMS Integrations and submit a request if interested via the request form. Learn@UW personnel will ensure that appropriate legal agreements are in place before allowing non-anonymous apps to be integrated with our LMSs. To the extent possible, given time and resource limitations, Learn@UW personnel will assist faculty in obtaining these legal agreements through normal purchasing channels.
Level 4 - Non LTI-Based Integrations
Non LTI-based integrations are ones that involve injecting third-party code into the LMSs code base, e.g. Moodle plug-ins, or utilize an API with a high-level access key. This includes integrations that utilize LTI for part of their functionality, but other integration techniques for other parts of their functionality. For example some external integrations utilize LTI for single sign-on purposes, but code injection for gradebook sync. Since access to the LMSs gradebook is a very sensitive matter, these integrations will require close scrutiny LMS developers and managers or OCIS, as appropriate to the specifics of the situation.
Canvas Course Navigation & Integrated Applications
All Canvas courses have a standard ("default") Course Navigation menu when they are first created.
In order to keep the Canvas default Course Navigation a manageable size, integrated applications are not generally added to the default Course Navigation. The Learn@UW Madison team uses the following standards to judiciously populate the default Course Navigation:
- The default Course Navigation contains core Canvas tools (such as Discussion, Grades, Syllabus, and so on). It also contains tools which offer no technical option for removal from the default Course Navigation, such as Google Drive.
- General practice for integrating third-party applications with Canvas does not include adding the application to the default Course Navigation. Instead, such applications will be available for instructors to add to the Course Navigation on a course-by-course basis.