We know there's a lot of industry jargon. Hopefully this page will help! If there's a term you don't see here that you'd like to learn about, please don't hesitate to reach out to our support team and we can get it added.
API
Short for "Application Programming Interface". An API is a way for different software applications to communicate with each other. For example, an API allows third-party tools to send and receive information from Canvas.
API Client ID & Secret
A "username and password" (of sorts) that third-party applications use to identify themselves to Canvas. The Client ID is typically public, but the Secret Key should never be shared via unsafe channels.
API Scopes
Think of scopes like "permissions". They define what the application is allowed to do when talking to Canvas. For example, an application may have permission to read class details, but not to update them. Applications can have one or more of these "scopes". The scopes that are available depend on the LMS or SIS platform you use.
Sensitive Scopes
These are API scopes that we recommend using with caution. They may grant a third-party developer access to particularly sensitive PII, or some administrative capability that you're not expecting. It's not that sensitive scopes are "bad" or should never be used, but these scopes should be used with caution. We realize that the word "sensitive" in this case implies a judgement call that we've made for you, and we're happy to discuss our reasoning if you have questions.