AnsweredAssumed Answered

Invalid signature when Canvas connects to LTI tool

Question asked by Alessandro Marin on Jan 16, 2019
Latest reply on Jul 8, 2019 by Yaach Alegria

I am trying to combine the Signature verification example from Peter Love in this discussion:  

with the following tutorial:

.NET LTI Project - Part 3 - OAuth  


I can test the Signature verification example in the Canvas Dev and Friends course, module 2, and it works fine. I am using my own domain on https.


By following the tutorial, I can add an app. I am using the same Consumer Key and Shared Secret as in the course. However, when I launch the same url from as in the LTI tutorial, I get an "Invalid signature" error. I can print out the body of the request with all parameters. oauth_consumer_key is right, I do not check for oauth_nonce, oauth_timestamp is present and is supposed to get checked by ims-lti. How to troubleshoot this problem?