nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

2026 API and CLI Change Log

InstContentTeam

The Change Log page displays previous API and CLI changes. The heading date indicates the date that the API or CLI code was made available in the production environment.

2026-07-13

Announcement Date: 2026-04-13

Enforcement Date: 90 days after announcement, per the Instructure API Policy

Release Type: API Behavior Change

Backward Compatibility: Breaking (see details below)

Canvas Live Events — Content-Type Header Change

When Canvas Live Events are configured to use JWT signing for HTTP delivery, the Content-Type header will change:

From: application/json
To: application/jwt

This reflects the actual payload format — when JWT signing is enabled, the payload is a JWT token, not plain JSON. The event payload and JWT structure themselves are not changing.

⚠️ Action Required: If your receiving system validates or routes events based on the Content-Type header, update it to accept application/jwt.

Related Resource: Canvas Live Events setup

User-Agent Header Requirement — Expanding to Additional APIs

In September 2025, enforcement of the User-Agent header was announced for the Canvas API. This requirement is now extending to:

Canvas API (already enforced)
Data Access Platform (DAP) Query API
Learn Platform Public Product API

After the enforcement date, requests without a valid User-Agent header will receive a 403 Forbidden response:

HTTP 403
{
  "error": "Forbidden",
  "message": "You are not authorized to access this site because you have not provided a valid user agent."
}

Recommended User-Agent format:

User-Agent: MyApp/1.2 (company-name; support@company.com)

Exception: DAP CLI and DAP Client Library users are already covered — these tools send User-Agent headers automatically.

Related Resources:

What You Should Do Now

Ensure Live Events receivers support Content-Type: application/jwt
Add a valid User-Agent header to all DAP Query API and Learn Platform API requests
Verify automated jobs, SDKs, and scripts include this header

2026-05-06

Announcement Date 2026-04-24

Beta Availability: 2026-04-23

Changed

Support for Multiple Enrollment Term Filters in Courses API Endpoint

The /api/v1/accounts/:id/courses endpoint supports filtering by one or multiple enrollment terms. Requests can include a single enrollment_term_id or multiple values using enrollment_term_id[]. Existing integrations using enrollment_term_id continue to work without changes.

2026-04-27

Export API Schema Changes — Release Notes

Announcement Date: 2026-04-13

Related Resource: Export API Schema Changes Proposal

Release Type: Schema Enhancement

Namespaces Affected: canvas, canvas_logs

Backward Compatibility: Compatible (see notes below)

Nullable Corrections — 25 tables, 40 columns (canvas namespace)

40 columns across 25 tables were marked as required in the schema but allow NULL in PostgreSQL. The Export API silently dropped entire rows where any required column was NULL, resulting in approximately 49.4 million missing rows across 7 regions.

The largest impact was on the assignments table: 47.5 million rows (1.3% of the table) were dropped because grader_count is NULL for non-moderated-grading assignments.

Fix: These columns are now marked as optional. Schema version bumped on all affected tables.

Table	Columns changed to optional
assignments	anonymous_grading, grader_comments_visible_to_graders, grader_count, grader_names_visible_to_final_grader, graders_anonymous_to_graders, peer_review_count, submission_types, submissions_downloads
attachments	file_state, locked
rubric_associations	bookmarked, hide_outcome_results, hide_points
submission_comments	context_type, hidden, teacher_only_comment
content_participation_counts	content_type, context_type, unread_count
conversation_participants	message_count, subscribed
communication_channels	bounce_count
courses	allow_student_organized_groups
discussion_entries	workflow_state
enrollments	grade_publishing_status
~~quiz_submissions~~	~~fudge_points~~
quizzes	unpublished_question_count
rubrics	association_count
lti_line_items	extensions
lti_results	extensions
assessment_question_banks	context_type
assignment_overrides	set_type
attachment_associations	context_type
content_migrations	context_type
content_tags	tag_type
enrollment_dates_overrides	context_type
favorites	context_type
group_categories	context_type
learning_outcome_question_results	associated_asset_type
submission_versions	context_type
wiki_pages	protected_editing

⚠️ Implementation Note: These columns may now return NULL values. Previously, rows containing NULLs in these columns were silently omitted from results entirely. Receiving the row with a NULL value is the correct behavior.

submissions — New Column (canvas namespace)

Added column: custom_grade_status_id
Type: bigint, optional
Foreign key to custom_grade_statuses
Schema version bumped: 3 → 4

Enables customers to determine excused, custom, late, extended, and missing status for submissions. Data is already present in PostgreSQL and flowing through CDC.

⚠️ Implementation Note: Adding this column will trigger a commit time update for records where custom_grade_status_id is not NULL, which may result in a large incremental sync.

pseudonyms — New Column (canvas namespace)

Added column: is_inst_id
Type: boolean, optional
Schema version bumped: 2 → 3

Allows customers to filter out Canvas Identity (Inst ID) records from the pseudonyms table. Canvas Identity writes to the same table as regular logins, which can disrupt customer data pipelines. This column is not null in the Canvas database but is added as optional because dap-schemas does not support default values.

collaborations — Type Correction (canvas namespace)

~~Column: resource_link_lookup_uuid~~
~~Type change:~~
- ~~From: str MaxLength(255)~~
- ~~To: UUID~~
~~Schema version bumped~~

~~This aligns the column type with the actual PostgreSQL type and is consistent with the 3 other UUID columns in the codebase. UUID is a subset of the string format, so this is a non-breaking change.~~

Collaborations table is not going to be released because it would break MSSQL and MySQL schemas.

context_external_tools — New Placement Fields (canvas namespace)

Added 7 placement fields to the settings object:
- assignment_edit
- assignment_view
- module_index_menu_modal
- module_menu_modal
- submission_type_selection
- top_navigation
- resource_selection
All fields: Optional[str], same pattern as the existing 34 placement fields
Schema version bumped: 2 → 3

These placements were requested by customers but were missing from the schema.

submissions — Deprecation Notice (canvas namespace)

Column: cached_tardiness
Status: Deprecated
The column will never be populated with data
No column removal — the column still exists in the Canvas database

Customers should not rely on cached_tardiness for any calculations. Use custom_grade_status_id (see above) for tardiness-related status information.

web_logs — New Enum Value (canvas_logs namespace)

Added enum value SisBatch to web_application_context_type
Schema version bumped

A new SisBatch context type is now being produced in Canvas web logs. Without this enum value, the DAP CLI breaks when attempting to sync or download web log data using initdb/syncdb commands. This resolves 3 reported customer cases.

⚠️ Implementation Note: Downstream systems enforcing strict enum validation on web_application_context_type must include SisBatch.

General Notes

DAP CLI users: Users running initdb/syncdb commands should update to the latest DAP CLI version to pick up all schema changes.
Commit time reprocessing: Tables with nullable corrections will have commit times updated for affected records. Tables with new columns will have commit times updated for records where the new column value differs from the default. This may result in larger-than-usual incremental syncs.

2026-03-16

New Quizzes Data Namespace for DAP Query API & DAP CLI 2.2.0.

Announcement Date: 2026-03-16

New Quizzes Data Namespace

New Feature: Dedicated availability of New Quizzes (NQ) data introduced as the new_quizzes namespace in the CD2/DAP Query API datasets.
Known limitation: Data is refreshed every 8 hours for new_quizzes namespace.
Schema Status: The data model is transformed to mirror the structure of quizzes, quiz_questions, quiz_submissions, and quiz_groups found in the existing canvas namespace. Thus a crosswalk is provided in the documentation.

DAP CLI Update

Version: DAP CLI version 2.2.0 is released.
Support: DAP CLI 2.2.0 includes specific support for the new_quizzes namespace.
Action Required: Users must update their local installation to access NQ data through the DAP CLI.

Update Command: pip install -U instructure-dap-client

2026-06-20

User-Agent Header Enforcement

Announcement Date: 2026-03-13

Beta Availability: 2025-10-01

To strengthen API security and governance, all HTTP requests must include a User-Agent header. Requests without this header are rejected in Beta as of October 1, 2025, and in Production on June 20, 2026.

2026-04-08

Announcement Date: 2026-03-27

Beta Availability: 2026-03-26

Grade Change Logs Subaccount Query Support

Allows users in a subaccount to query Grade Change logs by assignment_id or course_id. Additional parameters (grader_id, student_id) can be used to further filter results.

2026-03-09

Announcement Date: 2026-03-09

DAP Query API schema change is required immediately due to keep prevent data loss. Thus the change need to happen earlier.

submissions
A data type change for a column:

Updated column: points_deducted
Changed data type from: decimal(6,2) to: decimal(12,2)
Updated numeric bounds from:
-10,000 to 10,000 to: -10,000,000,000 to 10,000,000,000
Schema version increased from 2 → 3.

2026-04-18

Announcement Date: 2025-12-18

Beta Availability: Gradual rollout began 2025-11-01

Updated on 2026-01-05: Changed production date from 2026-02-21 to 2026-04-18.

Changed

GET Requests with a body are rejected with a 403 status code

Platform infrastructure is transitioning to utilize AWS CloudFront (CDN) for application delivery to ensure continued performance and scalability. This is a change to the underlying infrastructure that is available in Beta and Test environments and will be gradually rolled out to most accounts in Production in January 2026. In almost all cases, this requires no action from customers or vendors and is entirely transparent to users.

This update includes one known side effect that impacts a very small subset of Canvas API users:

GET requests cannot have a body. This is how AWS interprets the definition in RFC 9110 and RFC 7231 that "A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request." The CDN will respond with a 403 to these requests.

Any account identified as receiving GET API requests with a body, rather than using query parameters, will not be included in the January rollout. This behavior is very rare. Affected accounts will have until February 21, 2026 to update integrations accordingly, and will be notified and will be notified via notice in the Developer Keys page as well as via their CSM. Examples of the required adjustments are available in the related resource. If you don’t hear about this from your CSM or otherwise, you most likely are not affected and do not need to do anything.

2026-03-11

Announcement Date: 2026-03-02

Release Type: Schema Enhancement

Namespaces Affected: `canvas`, `canvas_logs`

Backward Compatibility: Compatible (see notes below)

New Tables (canvas namespace)

- `outcome_calculation_methods`

- `outcome_friendly_descriptions`

- `accessibility_resource_scans`

- `accessibility_issues`

- `custom_grade_statuses`

All tables include standard `created_at` and `updated_at` timestamps.

`submissions` (canvas namespace)

- Column: `points_deducted`

- Type change:

- From: `decimal(6,2)`

- To: `decimal(12,2)`

- Updated bounds:

- From: (-10,000, 10,000)

- To: (-10,000,000,000, 10,000,000,000)

🔄 Updated Tables

`web_logs` (canvas_logs namespace)

- Added enum value `ACL` to `http_method`

- Schema version bumped: **7 → 8**

⚠️ Implementation Notes

- Downstream systems enforcing strict enum validation must include `ACL`.

- Systems enforcing numeric bounds should update constraints for `points_deducted`.

- DAP CLI users do not need to take action.

2026-03-21

User-Agent Header Enforcement

This feature is currently delayed in the production environment and will be included in a future release.

Note: This update is delayed because a significant number of partner calls would continue to fail.

Announcement Date: 2026-03-13

Announcement Date: 2026-01-12

Beta Availability: 2025-10-01

2026-01-17 [Delayed as of 2026-01-09]

Updated: Changed Production release date from 2026-01-01 to 2026-01-17.

Announcement Date: 2025-10-09

Beta Availability: 2025-10-01

User-Agent Header Enforcement

To strengthen API security and governance, all HTTP requests must include a User-Agent header. Requests without this header are rejected in Beta as of October 1, 2025, and in Production on January 1, 2026.

Related Resource: Enforcing User-Agent Header for Canvas API Requests

Find more posts tagged with

Comments

There are no comments yet