LTI 1.3 Error 500 when trying to get a token for the lti adventage api

Jump to solution
xcesaralejandro
Community Explorer

I'm trying to consume the names and roles api but I can't get even the token to be able to consume the endpoint.

I get a 500 error no matter what I try. What am I doing wrong? any ideas?

$payload = [
            "iss" => "https://localhost",
            "sub" => CLIENT_ID,
            "aud" => "https://XXXXX.beta.instructure.com/login/oauth2/token",
            "iat" => time(),
            "exp" => 1609459200,
            "jti" => (string) Uuid::uuid4()
        ];
        $jwt = JWT::encode($payload, PRIVATE_KEY, SIGNATURE_METHOD);
        $params = array(
            'grant_type' => "client_credentials",
            'client_assertion_type' => "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
            'client_assertion' => $jwt,
            'scope' => "https://purl.imsglobal.org/spec/lti-nrps/scope/contextmembership.readonly"
        );
        $options = [
            'form_params' => $params,
        ];
        $client = new Client();
        $res = $client->request('POST','https://XXXXX.beta.instructure.com/login/oauth2/token', $options);
        dd($res->getBody());

 

 

Labels (4)
0 Likes
1 Solution
svickers2
Community Contributor

If you configure Canvas to use a JWKS URL then this URL must be publicly available so that Canvas can call it.  If your tool is not on a publicly available server, then try configuring Canvas with your public key instead so that a request to a JWKS endpoint is not required.

View solution in original post