Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Participant

Customer concerns about LTI Developer Key

We're a content publisher and we've recently run into a couple of schools where the need to go to the Developer Keys area in Canvas to implement LTI 1.3 has raised red flags about what information they're exposing to vendors.

My guess is that the LTI Key lives with the Developer Keys because that's where the OAuth2 authentication lives, but it's not really a Developer Key in the traditional sense.  Is there an official document that explains this?  If not, can someone make one?  It would help remove a roadblock to vendors integrating with Canvas.

2 Replies

I think this is a good thing that schools are looking deeper into data 3rd parties are asking for from LMS platforms like Canvas. You're right this developer key is used in Canvas to create the client_id used for the Open ID Connect authentication flow in LTI 1.3.

I'm going to be generating blog posts and more documentation in the coming months, but for now the closest documentation we have is

How do I configure an LTI key for an account? 

Thanks for sharing this feedback.

Community Participant

Thanks, Karl, I'm looking forward to it!