Canvas Lms MCP Server

Canvas LMS MCP Server

The TypeScript MCP server for Canvas LMS.

MCP server for Canvas LMS. Read courses, assignments, submissions, rubrics, quizzes; grade, comment, manage course content, and handle Canvas admin workflows from any AI agent.

119 tools across Canvas courses, assignments, submissions, gradebook history, rubrics, quizzes, New Quizzes (LTI), files, users, groups, enrollments, discussions, modules, pages, calendar, conversations, peer reviews, accounts, analytics, outcomes, student workflows, dashboard, instructor attention workflows, and health checks. Three deployment modes: stdio, HTTP, and library import.

One-click install (Claude Desktop)

1. Download canvas-lms-mcp.mcpb from the latest release.
2. Double-click the file (or drag it into Claude Desktop's Extensions settings).
3. When prompted, paste your Canvas API token and Canvas API base URL (e.g. https://school.instructure.com/api/v1). Teachers and staff handling student data can also flip FERPA mode — pseudonymize students on in the same dialog (what it does).

No terminal, no Node.js install, no config-file editing — Claude Desktop bundles the runtime and handles config for you. The same .mcpb works in Claude Code and MCP for Windows.

Prefer the terminal? Use the Quick Start below.

Comparison

Quick Start

1. Get a Canvas API Token

1. Log in to your Canvas instance
2. Go to Account > Settings
3. Scroll to Approved Integrations and click + New Access Token
4. Give it a name (e.g., "MCP Server") and click Generate Token
5. Copy the token immediately -- you won't see it again

2. Run the Setup Wizard

npx canvas-lms-mcp init

The wizard detects your installed AI clients (Claude Desktop, Cursor, VS Code, Windsurf, Codex, Continue, Claude Code), prompts for your Canvas token and base URL, validates the credentials against your Canvas instance, and writes the config for every client you select.

add-mcp is also supported as a generic alternative: npx add-mcp canvas-lms-mcp.

For clients not yet supported by the wizard, or if you prefer editing config files by hand, see docs/manual-setup.md.

Agent Skills

Install reusable Canvas workflows into Claude Code, Cursor, GitHub Copilot, Cline, and 40+ other AI agents:

npx skills add bruchris/canvas-lms-mcp

Skills are markdown workflow files (no extra dependencies). They work with the MCP server you already have installed. See the skills/ directory for the full list.

Example Prompts

Once configured, try these prompts with your AI client:

• "List all my active courses"
• "Show me the assignments for course 12345"
• "What's the average grade on the midterm exam?"
• "Grade Alice's essay submission with a B+ and add feedback"
• "Show me the rubric for the final project"
• "What discussions are happening in my Biology course?"
• "List all upcoming calendar events for course 12345"
• "Send a message to student 67890 about their missing assignment"

Tool Inventory

All Registered Tools (119)

84 tools are read-only and 35 tools perform Canvas write operations. When FERPA mode is enabled, resolve_pseudonym adds a 120th read tool.

All write tools require appropriate Canvas permissions. Canvas enforces its own permission model -- the MCP server does not bypass it.

Bulk operations

Canvas applies rate limits per-user. When creating many New Quizzes items (e.g., RAG-generated quizzes), call the tools serially rather than in parallel. For >50 items, chunk and pause between batches. If you hit a rate-limit error, wait a few seconds and retry.

MCP Resources (2)

Interactive widgets

view_course_structure is an MCP Apps tool: hosts that support the spec render an interactive tree explorer (collapsible modules, type-filter chips, title search, published/unpublished badges, links open in a new tab); hosts that don't fall back transparently to the same JSON payload that get_course_structure returns. The widget is self-contained — no external scripts, fonts, or network calls — and is shipped inline with the tool definition.

Host verification (Claude Desktop, ChatGPT, Codex fallback) is performed manually after each release, since it requires real Canvas credentials. A screenshot will be added once the first verified host pass lands.

Deployment Modes

stdio (Default)

For local AI clients like Claude Desktop, Cursor, and VS Code. The server communicates over stdin/stdout.

npx canvas-lms-mcp --token $CANVAS_API_TOKEN --base-url $CANVAS_BASE_URL

HTTP

For web-based clients or hosted services. Starts an HTTP server with Streamable HTTP transport.

npx canvas-lms-mcp serve \
  --token $CANVAS_API_TOKEN \
  --base-url $CANVAS_BASE_URL \
  --port 3001 \
  --allowed-origin https://your-app.example.com

Endpoints:

• POST /mcp -- MCP protocol endpoint
• GET /health -- Health check (returns {"status":"ok"})

Docker

docker compose up -d

Requires CANVAS_API_TOKEN and CANVAS_BASE_URL environment variables. See docker-compose.yml.

services:
  canvas-lms-mcp:
    build: .
    ports:
      - "3001:3001"
    environment:
      - CANVAS_API_TOKEN=${CANVAS_API_TOKEN}
      - CANVAS_BASE_URL=${CANVAS_BASE_URL}

Library Import

Use the server factory directly in your own Node.js application:

import { createCanvasMCPServer } from 'canvas-lms-mcp'

const { server, canvas } = createCanvasMCPServer({
  token: userToken,
  baseUrl: canvasBaseUrl,
})

Or use the Canvas client standalone (no MCP dependency):

import { CanvasClient } from 'canvas-lms-mcp/canvas'

const canvas = new CanvasClient({
  token: userToken,
  baseUrl: canvasBaseUrl,
})

const courses = await canvas.courses.list()

CLI Reference

Environment Variables

FERPA mode (student pseudonymization)

Opt-in, server-side mode that replaces student names and contact info in tool output with stable pseudonyms (Student 1, Student 2, …) so structured PII never reaches the LLM. Designed for teacher / staff tokens — students running their own MCP should leave the flag off, otherwise their own data is replaced too.

CANVAS_PSEUDONYMIZE_STUDENTS=true canvas-lms-mcp serve --base-url https://school.instructure.com

What it does:

• Replaces name, short_name, sortable_name, email, login_id, sis_user_id, integration_id, avatar_url, bio, pronouns, and last_login on student users.
• Maps are stable per (canvas-base-url, course_id) and persisted to disk under ${XDG_DATA_HOME:-~/.local/share}/canvas-lms-mcp/pseudonyms (Linux), ~/Library/Application Support/canvas-lms-mcp/pseudonyms (macOS), or %APPDATA%\canvas-lms-mcp\pseudonyms (Windows). Override the location with CANVAS_PSEUDONYM_DIR.
• Student 7 in March is still Student 7 in October. Dropped students are marked historical; their slot is never reused.
• Tool responses carry _meta.pseudonymized: true so the agent can mention it in summaries.
• Cannot be toggled per tool call, per HTTP header, or per session. The env flag is the only switch.

What it does NOT do:

• It does not scrub free text inside submission bodies, discussion messages, or page bodies — a student writing "Hi, I'm Alice" in their submission still says so. Document this for your end users.
• It cannot re-anonymize the LLM's working memory. If the agent saw real names in a prior turn, they remain in its context.
• It does not protect the bare canvas-lms-mcp/canvas library import — pseudonymization is a tool-layer concern. Embedders that use the raw Canvas client get raw data.
• HTTP transports are process-wide: to run both modes side by side, run two server instances.

Conversation participants are pseudonymized as Person N from a cross-course pool. If you chat with a colleague, they appear as Person 1 rather than their name — conservative because conversations span courses and we cannot infer their role.

Optional resolve_pseudonym reverse-lookup tool: register it only by also setting CANVAS_PSEUDONYMIZE_REVERSE_LOOKUP=true. Every call is audit-logged to stderr (and to CANVAS_PSEUDONYM_AUDIT_LOG if set). When the flag is off the tool is absent from tools/list — a prompt-injection attempt to call it fails at the protocol layer.

Threat model and design rationale in docs/superpowers/specs/2026-05-25-ferpa-pseudonymization.md.

Role-based tool filtering

Optionally narrow the tool list to a single Canvas role so an agent sees only the tools relevant to its user. This is a client-side UX / context-reduction filter only — Canvas still enforces real permissions server-side. Setting CANVAS_ROLE=admin does not grant admin powers; a 403 still comes from Canvas if the token lacks the scope.

# stdio: env var or --role flag (flag wins)
CANVAS_ROLE=student canvas-lms-mcp --base-url https://school.instructure.com
canvas-lms-mcp --base-url https://school.instructure.com --role teacher

Three roles, plus the default of "unset = every tool":

Notes:

• Equivalent to CANVAS_ROLE in vishalsachdev/canvas-mcp — set the same value to migrate.
• Role values are case-insensitive; all is accepted as an explicit "no filter". An unrecognised value logs a warning to stderr and registers all tools (a config typo never stops the server).
• teacher / admin do not see the student-only get_my_* tools in v1 — they should use list_submissions / get_submission etc. instead.
• The FERPA resolve_pseudonym tool is teacher/admin-only and is never exposed to student, even when reverse lookup is enabled.
• HTTP transport: the role is read per request from the X-Canvas-Role header, falling back to CANVAS_ROLE from the server config. A valid header (or all) overrides the configured default; an invalid header is ignored with a warning.
• Tool counts above are a snapshot and grow as tools are added — the authoritative guarantee is that every tool resolves to exactly one audience (enforced by tests/tools/audience-coverage.test.ts).

Design rationale in BRU-1530 (role taxonomy, why three roles, auto-detect deferred to v2).

Development

pnpm install       # Install dependencies
pnpm dev           # Watch mode build
pnpm build         # Production build
pnpm test          # Run tests (768 tests)
pnpm lint          # ESLint + Prettier check
pnpm lint:fix      # Auto-fix lint issues
pnpm typecheck     # TypeScript strict type check

Dependency audit

The pnpm.overrides.hono entry pins hono to 4.12.14 because @modelcontextprotocol/sdk@1.29.0 allows vulnerable hono <4.12.14 versions. Remove the override when the MCP SDK publishes a release that depends on a patched hono range.

Architecture

src/canvas/       Standalone Canvas REST API client (pure fetch, no MCP dependency)
src/tools/        MCP tool definitions with Zod input schemas
src/resources/    MCP resource templates (syllabus, assignment description)
src/server.ts     Factory: createCanvasMCPServer(config)
src/stdio.ts      stdio transport entry point
src/http.ts       HTTP transport entry point
src/cli.ts        CLI argument parser

Contributing

See CONTRIBUTING.md for the full contribution and validation workflow.

1. Fork the repo
2. Create a feature branch (git checkout -b feat/my-feature)
3. Use conventional commits (feat:, fix:, chore:, test:, docs:)
4. Ensure pnpm lint && pnpm typecheck && pnpm test pass
5. Open a pull request

Guides

• Manual Setup -- Per-client JSON/TOML config snippets for Claude Desktop, Cursor, VS Code, Windsurf, Codex, Continue, Claude Code, and HTTP clients
• Getting Started -- Step-by-step setup for non-developers: token, config, first query, troubleshooting
• Student Guide -- Token setup, AI client configuration, 10 example prompts
• Educator Guide -- Grading workflows, write operations, privacy considerations
• Integration Guide -- Three integration patterns with code examples
• Agent Discovery -- Generated tool/workflow manifests and workflow-pack index
• Educator Assignment Review Workflow -- Read-first grading flow with write-safety guidance
• Student Weekly Planning Workflow -- Read-only weekly planning sequence for students

License

MIT