Problem statement
I want to achieve SSO between Auth0 and Canvas LMS, with Canvas as the IdP using an OIDC/OAuth2 flow.
Solution
Canvas can be used as an IdP for Auth0 users through a Custom OAuth2 connection.
Canvas’ documentation on their OAuth2 endpoints is here:
Your connection’s fetch profile script will need to call this Canvas endpoint with the access token provided from the login to get the logged-in user’s email, name, profile picture, etc.:
e.g.
- the authorization URL: https://[target Canvas domain here]/login/oauth2/auth
- token endpoint: https://[target Canvas domain here]/login/oauth2/token
- retrieve user profile: https://[target Canvas domain here]/api/v1/users/${context.user.id}/profile
If you need to be able to support multiple Canvas instances, a separate connection is needed for each instance.
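A sketch of the fetch profile logic described above, as an added example that is not part of the original article or Auth0's own code. `CANVAS_DOMAIN`, `makeFetchUserProfile` and the injected `httpGet` helper are hypothetical names; the example assumes the Canvas profile response carries `id`, `name`, `primary_email` and `avatar_url`, and that `context.user.id` comes from the token response as in the URL above.

```javascript
// Placeholder domain (assumption); each Canvas instance needs its own connection.
const CANVAS_DOMAIN = 'canvas.example.edu';

// httpGet(options, cb(err, status, body)) is an injected helper (assumption) so the
// logic runs offline; in the connection script, wire it to the available HTTP client.
function makeFetchUserProfile(httpGet) {
  return function fetchUserProfile(accessToken, context, callback) {
    // Accept only a numeric id so nothing unexpected is interpolated into the URL path.
    const id = context && context.user && String(context.user.id);
    if (!id || !/^\d+$/.test(id)) {
      return callback(new Error('Canvas token response has no valid user.id'));
    }
    const options = {
      url: `https://${CANVAS_DOMAIN}/api/v1/users/${id}/profile`,
      // Sending the token as a Bearer header keeps it out of URLs and access logs.
      headers: { Authorization: `Bearer ${accessToken}` }
    };
    httpGet(options, (err, status, body) => {
      if (err) return callback(err);
      if (status !== 200) {
        return callback(new Error(`Canvas profile request failed: ${status}`));
      }
      let p;
      try {
        p = JSON.parse(body);
      } catch (e) {
        return callback(new Error('Invalid JSON from Canvas'));
      }
      // Bind the returned profile to the user the token was issued for.
      if (String(p.id) !== id) {
        return callback(new Error('Profile id does not match token user'));
      }
      callback(null, {
        user_id: String(p.id), // stable identifier for the Auth0 user
        name: p.name,
        email: p.primary_email,
        picture: p.avatar_url
      });
    });
  };
}
```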