Canvas - UW Enabled Application Configurations (UW-Madison)

Listing of Applications which have been enabled

Learn@UW actively supports the integration of third party tools with all of our supported LMSs.  Support of the integration does not imply that use of the tool is supported by the Learn@UW service, unless explicitly stated.  Support and maintenance of the tool is between the user(s) and third party vendor.

Tools available for use

The following tools have are enabled and can be used by faculty.



Who provides support?

Blackboard Collaborate Canvas - Blackboard Ultra in Canvas (UW-Madison) Learn@UW
BlackBoard Collaborate UltraCanvas - Blackboard Collaborate in Canvas (UW-Madison) Learn@UW Vendor Supported
 Canvas Chat Instructure / Learn@UW

Vendor Supported
 Kaltura  Canvas - Accessing Kaltura Media (UW-Madison) Learn@UW
 Macmillan Learning Vendor Supported
 Piazza  Canvas - Piazza in Canvas (UW-Madison) Learn@UW
Roll Call Instructure / Learn@UW
  SCORM Canvas - About the SCORM tool in Canvas (UW-Madison) Instructure / Learn@UW
 Sift & Winnow: Libraries Module  TDB Learn@UW / Libaries
 Vimeo Vendor Supported
 youTube Instructure / Learn@UW
 Office Mix  Using Office Mix with Instructure Canvas Vendor Supported

Canvas App Center & Adding Additional Tools

All courses contain the App Center, which allows instructors to install whitelisted LTI apps in their course. Users can follow the "How do I add an External App in my course?" guide.

The Canvas App Center defines the following levels of privacy:
  • Anonymous: No identifying information about the user will be sent to the vendor.
  • Email Only:The user's email is the only identifying information sent to the vendor.
  • Name Only:The user's name is the only identifying information sent to the vendor.
  • PublicVarious identifying information (name, email, Canvas ID, SIS ID of the course, SIS ID of user, etc.) is sent to thevendor.

Source: how-do-i-manually-configure-an-external-app-for-an-account

Approval Process Based On Levels of Risk

The level of risk associated with various LMS integrations varies depending on two factors:

  1. They type of data transmitted from the LMS to the integrated tool
  2. The technology used to integrate the tool into theLMS

We define 4 levels of risk based on these factors.

Level 1 - Anonymous - External LMS Integrations

Those apps in the App Center which are listed as “anonymous” will be whitelisted by default. Other integrations determined to be “anonymous” by LMS developers and administrators may also be whitelisted.

Level 2 - Non Anonymous - External LMS Integrations

First, it's important to keep in mind that student, faculty, and course data can be put at risk if shared with non-UW-Madison entities, such as third-party vendors. Therefore, the UW-Madison CIO's Office requires that all integrations meet guidelines for privacy, intellectual property, security and records retention.  Interested users should review the the following KB External LMS Integrations and submit a request if interested via the request form. Learn@UW personnel will ensure that appropriate legal agreements are in place before allowing non-anonymous apps to be integrated with our LMSs.  To the extent possible, given time and resource limitations, Learn@UW personnel will assist faculty in obtaining these legal agreements through normal purchasing channels.

Level 3 - Local LTI-Based LMS Integrations

Locally written and supported integrations using LTI will in most cases be approved by default.  This is because the data sharing will be between a supported LMS and other services for which UW-Madison has ultimate responsibility.  However, depending on circumstances,there may be some concern for the security and professional operation of the other services.  Services developed and maintained by recognized UW development groups such are DoIT AT or the UW-Madison Moodle service will be accepted by default.  Approval of services provided by other development groups may need vetting by OCIS.

Level 4 - Non LTI-Based Integrations

Non LTI-Based integrations are ones that involve injecting third-party code into the LMSs code base, e.g. Moodle plug-ins, or utilize an API with a high-level access key. This includes integrations that utilize LTI for part of their functionality, but other integration techniques for other parts of their functionality.  For example some external integrations utilize LTI for single sign-on purposes, but code injection for gradebook sync.  Since access to the LMSs gradebook is a very sensitive matter, these integrations will require close scrutiny LMS developers and managers or OCIS, as appropriate to the specifics of the situation.

Keywords:canvas external apps lti   Doc ID:65466
Owner:Dale J.Group:UW-Madison Canvas
Created:2016-07-26 13:31 CSTUpdated:2016-11-21 14:48 CST
Sites:DoIT Help Desk, Learn@UW Madison, UW-Madison Canvas
Feedback:  0   0