Hi,
I have a Connected Canvas App that uses a Lifecycle Class - both are part of a managed package. In the OAuth policies I've set the Permitted Users to 'Admin approved users are pre-authorized' and included all the Profiles I require to have access. In those Profiles I've also ticked the App in the Connected App Access section. FYI, the Lifecycle Class doesn't allow profiles security to be set as per other 'normal' apex classes.

When my users who should have access to this App try and run it, the are given the error: 'Oops, there was an error [rendering Force.com Canvas application [App Name]. You don't have permissions to invoke Canvas lifecycle handler (apex class) [Class Name].'

It works for all System Admins and if I give any of these other users System Admin access (temporarily) it will work for them too.

I have the same setup in a different sandbox and it is working just fine.

Has anyone had any similar issues with access tot the Canvas Lifecycle handler class and know what may be wrong?