Hi All,
What information should I use to uniquely identify a Canvas instance during an LTI launch? I need to be 100% sure that the id token received is for a user in a particular school previously registered in my app.
From what I have seen so far, the iss in the id_token is always the same (canvas.instructure.com, with env-specific variations), which makes it unusable to this end, particularly when self-hosted instances can also have that same iss. For Instructure-hosted instances, the only other information I could use is the client_id, but is that unique across all instances? Is that the recommended way to go? Is there any other information I could use?
The JWKS token validation URL is also the same for all Instructure-hosted instances, so it is also not a good option to ensure uniqueness of instance.
Thanks
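One way to bind a launch to a registered school, added here as an example and not part of the original post or Instructure's code: key the lookup on the tuple of iss, client_id (taken from aud) and the deployment_id claim defined by LTI 1.3 Core, which is an assumption the post does not mention. The registrations, client ids and deployment ids below are constructed placeholders, and the claims are assumed to come from an id_token whose signature, expiry and nonce were already verified.

```python
# Added example: resolve an LTI 1.3 launch to a registered school (tenant).
# Input is the claim set of an id_token that has ALREADY passed signature checks.
DEPLOYMENT_CLAIM = "https://purl.imsglobal.org/spec/lti/claim/deployment_id"

# Constructed sample registrations; every id here is a placeholder.
REGISTRATIONS = {
    ("https://canvas.instructure.com", "client-A", "deploy-1"): "school-one",
    ("https://canvas.instructure.com", "client-A", "deploy-2"): "school-two",
    ("https://canvas.instructure.com", "client-B", "deploy-9"): "school-three",
}


class UnknownTenant(Exception):
    """Raised when a launch does not map to exactly one registered school."""


def client_id_from(claims):
    """Return the client_id carried in aud (a string or a list of strings)."""
    aud = claims.get("aud")
    candidates = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if len(candidates) == 1 and isinstance(candidates[0], str):
        return candidates[0]
    azp = claims.get("azp")  # with several audiences, azp names the client
    if isinstance(azp, str) and azp in candidates:
        return azp
    raise UnknownTenant("aud does not identify a single client_id")


def resolve_tenant(claims, registrations=REGISTRATIONS):
    """Map verified claims to a school, failing closed on any mismatch."""
    iss = claims.get("iss")
    deployment_id = claims.get(DEPLOYMENT_CLAIM)
    if not isinstance(iss, str) or not isinstance(deployment_id, str):
        raise UnknownTenant("missing iss or deployment_id")
    key = (iss, client_id_from(claims), deployment_id)
    try:
        return registrations[key]
    except KeyError:
        # The shared iss alone never selects a school: unknown tuples are rejected.
        raise UnknownTenant(f"no registration for {key!r}") from None
```

Two schools sharing the same iss and client_id still resolve to different tenants because the deployment_id differs, and a launch with an unregistered tuple is refused rather than matched on iss.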