AGS access token is invalid
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
An LTI 1.3 tool I'm working on posts grades to Canvas through the LTI grading service. For most institutions this works just fine, but two of them are getting this error: Invalid access token field/s: the 'aud' is invalid. I've confirmed that the audience claim matches what is in the Canvas LTI docs. I have other institutions using canvas who's access tokens look similar and they aren't having any issues. Any ideas what is going on?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@adrian-rocke were you able to get answer for this issue?
We have a similar issue. What we've discovered is that the "audience" claim in the access token is compared with the domain used in the lineitem url. And if the two don't match, the access token is flagged as invalid. It's repeatable. I would like to know if there is a way to support canvas sites that use different DNS aliases. Launching from an external LTI 1.3 tool isn't an issue. It's when the external tool tries to post back using the access token that seems to run into this problem.