Found this content helpful? Log in or sign up to leave a like!
Gray screen for Microsoft OneDrive LTI - Local hosted, but trying to load from canvas.instructure.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is pretty much a new canvas installation. The previous postgres database was lost.
Environment
* Canvas: git prod master, Apr 22, 2025, commit 17df9d8
* Ruby 3.3, Passenger 6, Apache
* Redis 7 on localhost:6379
* OneDrive LTI 1.3
What we've done so far:
1. Created a developer key from https://onedrivelti.microsoft.com/admin
** Redirect URIs: was "https://onedrivelti.microsoft.com/tool", but have also tried "https://canvas.<ourdomain>.com/api/lti/authorized_redirect".
Target Link URI: https://onedrivelti.microsoft.com/tool
OpenID Connect Initiation URL: https://onedrivelti.microsoft.com/oidclogin
JWK Method: Public JWK URL
Public JWK URL: https://onedrivelti.microsoft.com/api/jwks
2. Through Settings -> Apps, added an app by client ID. It installed the Microsoft OneDrive tool.
3. Going into a course and clicking Microsoft OneDrive shows a gray screen and a frowny document icon. Hovering over the icon shows: "canvas.instructure.com refused to connect."
* This is self-hosted, so I'm not sure why it's trying to connect to instructure.
* Right clicking and selecting view frame source shows:
| {"status":"bad_request","message":"Invalid lti_message_hint"} |
* Chrome Developer Tools shows in Network that it loads many things off our server, then hits https://onedrivelti.microsoft.com/oidclogin and gets a code 302 response which gives a location of https://canvas.instructure.com/api/lti/authorize_redirect?...(omitted)
* I've confirmed in OneDrive LTI Admin that the platform base URL is https://canvas.(ourdomain).com. I've also tried https://canvas.(ourdomain).com/api/lti/authorize_redirect
4. Verified redis is working. "redis-cli ping" returns "PONG".
* config/redis.yml includes:
production:
url: redis://localhost
* Restarted passenger
5. Verified config/security.yml is:
production: &default
# replace this with a random string of at least 20 characters
encryption_key: (omitted)
lti_iss: 'https://canvas.(ourdomain).com'
This feels like a Microsoft configuration issue to me, but the owner remembers running into this before and there being Canvas configuration change the previous IT guy made to fix this.
