Register for InstructureCon25 • Passes include access to all sessions, the expo hall, entertainment and networking events, meals, and extraterrestrial encounters.
Found this content helpful? Log in or sign up to leave a like!
I developed an LTI tool and tried to masquerade as a Teacher to test the tool, but Canvas gave me the following error.
Is there something special that I need to do to allow my tool work when masquerading? It looks like it has to do with using a developer key to generate an oauth token, but I'm not sure how to get oauth to work when masquerading or to get my tool to identify when the user coming from Canvas is masquerading.
Solved! Go to Solution.
Just had time to emulate this and I see where you get the message.
Canvas won't let you obtain a token when masquerading. I doubt there is any way around this.
The only way to really test something as a user is to actually log in as that user. As Stuart does, this means you need test users with the particular role you are testing.
Hi @jloiacon ,
I will admit I don't have any experience with developing LTIs, however I can offer some advice on what we did for this. I had always assumed that this was a feature within Canvas (i.e. ensuring someone masquerading could only do so within Canvas, and not other tools). I anticipate this is due to auditing information being readily available within Canvas, however the external tool would only see what looked like the original user, hence could become an auditing risk.
The way we have bent around this is by creating a small number of 'testing' accounts that we can issue out temporarily on an as-needed basis to academics and learning designers to test functionality where the student-view is insufficient.
As the testing accounts have an email address, this provisions a new account through to linked LTIs and therefore enables testing without the need for masquerading.
Is that something that might satisfy your use case?
Cheers,
Stuart
For the masquerade identifying, there are custom variables that can be used. For example, Canvas.masqueradingUser.id will give you the Canvas user id for the masquerading user.
Can you clarify the workflow and at which point you get the message? Does the LTI tool launch okay (it should) and then you get the message when attempting to obtain an access token using OAuth?
If its the latter, and given the message, it looks like you probably are simply not allowed to obtain a token when masquerading. That is, the only person who can authorise a tool to act as them for API calls using OAuth is that person, not a third party masquerading as them.
Just had time to emulate this and I see where you get the message.
Canvas won't let you obtain a token when masquerading. I doubt there is any way around this.
The only way to really test something as a user is to actually log in as that user. As Stuart does, this means you need test users with the particular role you are testing.
To interact with Panda Bot in the Instructure Community, you need to sign up or log in:
Sign In