Community help

anurag_biradar · ‎12-02-2019

I was going through this question Names and Roles Provisioning user_id and am using (Names and Role - Canvas LMS REST API Documentation ) api to retrieve user_id value but while following flow mentioned in docs ### JWT Access Tokens for LTI2 Tools - Canvas LMS REST API Documentation . i encountered with reg_key which require in authorize api.

curl https://<canvas>/api/lti/accounts/1/authorize \  
 -F 'grant_type=authorization_code' \
 -F'assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMDAwMDAwMDAwMDAwMyIsImF1ZCI6Imh0dHA6Ly9jYW52YXMuZG9ja2VyL2FwaS9sdGkvYXV0aG9yaXplIiwiZXhwIjoxNDg5Njc0NTAyLCJpYXQiOjE0ODk2NzQ0NDIsImp0aSI6ImQ4MjA0NDBjLTI3YzMtNDg2YS1hZjM5LWQzZDQxOGI4ZDNkYSJ9.S3SxxsSKAKhT8ViHuCDBxp9fbzdYGKJEBftftJMX4-E' \       
 -F 'code=<reg_key>'

because when tool being launched with lti 1.3  that time no such parameter reg_key am getting. 

have you use name and roles provision api (Names and Role - Canvas LMS REST API Documentation) to 
get user_id ? if yes can you mention the flow to get user_id in lti 1.3. 

Thanks.

william_diehl · ‎12-02-2019

Anuraq,

It should be as simple as querying /api/lit/courses//names_and_roles and looking at the “members” values. Each object should have a user_id value.

William Diehl

Analyst/Programmer

(951) 222-8396

anurag_biradar · ‎12-03-2019

Hi William,

to get result data from api /api/lti/courses/:course_id/names_and_roles it requires JWT token as authorization. with rlid(resource link id) , role and limit parameter.

and to get JWT Token . i am following that flow.

is there any other way to execute/retrieve members data from api ?

Thanks.

pklove · ‎12-02-2019

You seem to be mixing up LTI 2 and LTI 1.3

The reg_key is an LTI 2 thing and comes from the tool registration process. Its nothing to do with LTI 1.3.

anurag_biradar · ‎12-03-2019

Hi Peter,

Canvas Documentation ### JWT Access Tokens for LTI2 Tools - Canvas LMS REST API Documentation defines reg_key that for 1.0 and 2.0 flow.

James · ‎12-03-2019

I haven't used this, but I don't read this the way that you read it. I see 1.0 and 2.0 not was two different flows of the same thing, but as someone trying to number the sections in an non-standard way.

Section 1.0 of this document describes how to retrieve a JWT access token for fetching custom TCPs and registering tools. Section 2.0 describes how to retrieve a JWT access token for use with LTI2 API. (such as the originality reports API).
1.0 JWT Access Tokens for Custom TCPs and Tool Proxy Registration
2.0 JWT Access Tokens for LTI2 APIs

In other words, why isn't that just 1 and 2 if they just refer to sections? Why is there a decimal .0 needed?

Under the 1.0 section, it still mentions LTI2.

Then, make a request to the authorization endpoint to retrieve your JWT access token. The URL you should use to make this request is sent in the initial registration request sent from Canvas as a parameter named oauth2_access_token_url. To receive this parameter in the registration request you must first enable the account-level feature flag named “Send Authorization URL in LTI2 Registration.” This parameter will be sent by default without requiring the feature flag in the future.

Since I don't use this, I have more questions than answers. I wonder if the LTI2 is even a legit thing anymore. According to the LTI Adoption Roadmap, LTI 2.0 is a legacy specification, but the recommended upgrade path is to go to LTI 1.3. Then in July 2019, they posted a security update that announced 2.0 was essentially dead: LTI Security Announcement and Deprecation Schedule (July 2019). Canvas posted their announcement about LTI 1.3 in February 2019: LTI Advantage and a message about the deprecation of LTI 2.0 in July 2019: What does the recent IMS LTI Deprecation and Security Update mean for Canvas users and integrations?

In other words, I could imagine scenarios where the reference to LTI2 in the document you mentioned could be (1) a reference to the next-generation LTI of Canvas (they go through naming schemes depending on the year, Quizzes 2.0, Quizzes.LTI, Quizzes.Next, New Quizzes) and not the official LTI 2.0 specification or (2) an outdated reference that hasn't been updated for LTI 1.3.

Peter knows much more about this than I do. All I can say is that I didn't read the 1.0 and 2.0 to refer to LTI 1.x and LTI 2.x, but as to section headings that shouldn't have had a 0 at the end.

109736627567867 · ‎10-17-2023

How can I get <reg_key>?

anurag_biradar · ‎12-04-2019

@william_diehl ‌ pklove‌

So Which Authorization headers we have to send with names and role provison api ? below are details am using to retrieve member data .

https://<institute_name>.instructure.com/api/lti/courses/35/names_and_roles?rlid=0ef0b0a50a0d23&role=http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor&limit=10

and as authorization header am passing id_token what i received in request and content type :'application/vnd.ims.lti-nrps.v2.membershipcontainer+json'.

it resulted into signature likely incorrect error.

Thanks.

[ARCHIVED] what is <reg_key> in canvas to authorize api to retrieve token ?

Archived

Questions

You're signed out

[ARCHIVED] what is <reg_key> in canvas to authorize api to retrieve token ?

Archived

Questions

Community help

View our top guides and resources: