My use case is that I need to create an LTI app which would fetch the score from an external platform. The launch URL in the LTI app would be the API endpoint to fetch score. The API Endpoint is provided with an x-api-key

My problem is that how do I authenticate this endpoint from an LTI launch. Where should the x-api-key authorization be provided in LTI XML? Is there any other way to approach to do it?

Also, it would be great to provide links to blogs if there is any. I couldn't find it anywhere in Canvas Community Blog.

Thanks!