Community Help

PraveenR · ‎03-15-2023

What are the three URLs required when obtaining developer keys to integrate LTI 1.3 in an external application and how do we determine what values to provide for each URL?

The urls are: Redirect URIs, Target Link URI, OpenID Connect Initiation Url

Here's the screenshot:

chriscas · ‎03-15-2023

Hi @PraveenR,

Those are authentication and passback URLs used as part of the LTI 1.3 standard. Generally the vendor/creator of the app you're integrating will give you the values you need o plug in everywhere to get their integration working (assuming you're a school Canvas admin).

Hope this helps a bit!

-Chris

PraveenR · ‎03-15-2023

Hi @chriscas

We're the tool provider and we are trying to integrated LTI 1.3.

Can you provide us with an example of those URL's?

Thanks.

matthew_buckett · ‎03-15-2023

The OpenID Initiation URL is the location Canvas will send the user when launching the tool, you then need to redirect the users browser to the authorization URL (https://canvas.instructure.com/api/lti/authorize_redirect) including parameters for the launch. Then Canvas will eventually redirect the user back to the redirect URIs at which point you can then render the tool or redirect to the Target Link URI.

The JWK (https://www.rfc-editor.org/rfc/rfc7517) is a key that you will use if you want to sign any requests for LTI advantage services, the format should look like https://canvas.instructure.com/api/lti/security/jwks but you need to generate your own public/private keypair.

PraveenR · ‎03-15-2023

Hi @matthew_buckett and @chriscas

We're using this "GET login/oauth2/auth" endpoint to get the response code, but we are getting the following error,

"A requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner. The following scopes were requested, but not granted: read, write, and trust"

We've added the scopes too. Please look at the following url,

Our URL: http://<oru-canvas-url>/login/oauth2/auth?client_id=<our-client-id>&response_type=code&redirect_uri=...

We've also attached the screenshot of the LTI services checked,

matthew_buckett · ‎03-15-2023

It looks like you are using the URLs outlined on https://canvas.instructure.com/doc/api/file.oauth_endpoints.html which is for API access to Canvas and not for LTI use.

The LTI 1.3 launch flow is outlined in: https://canvas.instructure.com/doc/api/file.lti_dev_key_config.html and you should be using the URLs from Step 2, so a GET request to /api/lti/authorize_redirect with appropriate parameters.

In the screenshot your developer key shows lots of LTI Advantage and Canvas services enabled, but none of those are needed for your tool to launch, it shouldn't hurt anything, but it's not needed for the functionality you are currently trying to get working.

auscollege · ‎03-21-2023

This is my question as well, where do I get these for Microsoft teams for self-hosted canvas...

URLs for getting developer keys

Canvas

where do I locate cover page template

Locating purchased course materials online

Find user with API Token

Course calendar showing events over two iterations...

In "New Quizzes" the buttons "Back" and "Submit" a...

where do I locate cover page template

Locating purchased course materials online

Find user with API Token

THE INFORMATION ON MY COURSE PAGES IS NO LONGER VI...

Turn it in link

You're signed out

URLs for getting developer keys

Community Help

View our top guides and resources: