Previously, we were able to identify additional details about a Kaltura video based on the embed code. The source of the iframe included a link that let us know it was Kaltura based on the domain and included details about the video in the query parameters. However, with the update to using LTI Resource Links, this information was lost when analyzing the raw source code of course content. We have code to audit to check for compliance of an expectation that a particular page includes a Kaltura embed and want to also build an alert to remind instructors if they weren't meeting the expectation. While I can use the Show an LTI Resource Link endpoint to get the additional details about the embed to confirm it is a Kaltura video embed, this isn't available to other admins with read-only permissions nor to instructors since we don't give access to add LTIs. This means that the audit only works for older embeds for users without the manage_lti_add and manage_assignments_add permissions and doesn't allow for us to create an accurate reminder for instructors using new embeds. LTI Resource Links API: https://canvas.instructure.com/doc/api/lti_resource_links.html

I understand the need to require higher permissions for creating, updating, and deleting LTI Resource Links. However, it would be helpful for the GET calls (List LTI Resource Links and Show an LTI Resource Link) to only require a relevant read permission to use those endpoints. This would enable more accurate audit reporting for more admin users and allow for creating reminders to instructors.

admin,instructor,ta,designer