Canvas

Question 1

What is the default authentication method for Canvas?

Answer 1

Signed Request Authentication

Question 2

What are the 2 settings that control authentication for a Canvas app?

Answer 2

1. Admin approved users are pre-authorized

2. All users may self authorize

Question 3

What is the signed request authentication based on?

Answer 3

OAuth

Question 4

What are the OAuth flows supported?

Answer 4

Web server

User Agent

Question 5

What is the flow when ‘Admin approved users are pre-authorized’ is selected?

Answer 5

SF performs a POST to canvas app with signed request + refresh token

Question 6

What is the flow when ‘All users may self authorize’ is selected?

Answer 6

1. If user has previously approved the app and access hasn’t been revoked or expired, SF performs POST to canvas app with signed request
2. If app not yet approved, SF performs GET to canvas app url.

Question 7

What is the parameter that is sent in the GET call to the canvas app URL that indicates that an OAuth flow should be triggered?

Answer 7

_sfdc_canvas_authvalue

Question 8

What is the signed request made up of?

Answer 8

1. Canvas app consumer secret encrypted with SHA-256
2. Period (“.”)
3. Context and Authorization token encoded in Base64

Question 9

What are the functions that can be used to check the signed request?

Answer 9

VerifyAndDecode & VerifyAndDecodeAsJson

Question 10

What function do you use to request another signed request?

Answer 10

refreshSignedRequest