Community Help

MarkClaassen · ‎04-08-2022

I have a few questions with logging in

I have an LTI developer key. This works for launches of our tool from Canvas. However, if a user goes to our webpage first, I would like to allow them to login using Canvas as an identity provider.
- With the non-LTI developer key I have this working. Can I use my LTI developer key for this purpose as well?
- Using the LTI key gives me an error with "invalid_scope"
Can I use the OIDC 3rd party launch mechanism to manage the login instead of using the authorization "code" flow I was using above?
- It would be great if I could use the LTI stuff and public / private keys to manage the logins
  - User would go to our app and "Login with Canvas"
  - This would start a OIDC flow and bring up the canvas login page
  - Once successfully logged in, it would call the redirect_uri as normal

Thanks!

MarkClaassen · ‎04-09-2022

I went ahead an deleted and re-added my app. I think to add and LTI application, you need to use the method of installing the app using either the client_id or the LTI URL. (Because of all the other configuration parameters necessary.) If I am incorrect in my assumption here, please feel free to call me out!

Thanks again,

Mark

View solution in original post

Mose986 · ‎04-09-2022

Check this out may be help you https://community.canvaslms.com/t5/Admin-Guide/How-do-I-configure-an-external-app-for-an-account-usi...Myhdfs

MarkClaassen · ‎04-09-2022

Thanks for the reply! I looked at the page you were referring to, and I believe I already did this. I think my problem is a bit adjacent that.

We are trying to integrate our app into Canvas and have been able to do so in our sandbox environment using our LTI developer key. To do that, I needed to configure our app, much like what is on the page you were referring to.

I actually created 2 developer keys in my journey. One of those keys is a standard developer key and one is an LTI key. I would like to use the LTI key's client_id to log into our app. However, this does not seem to work when the launch is not initiated from inside of canvas. If I use the client_id of the non-LTI developer key I created, I can do the standard OAUTH login when a user clicks a "Login with Canvas" button on your website. (Trigger the canvas login page with the correct parameters, (user logs in), Canvas replies with the code which I send back to get a token.)

However, that same code gets an error if I swap out the client_id / client_secret from the non-LTI key to those of the LTI key.

Thanks again for the response. Every little bit of information I collect will help me move forward; even if it is not in a straight line!

I think I will check my notes on what I did and maybe start over with the app configuration and see if I missed something.

MarkClaassen · ‎04-09-2022

I went ahead an deleted and re-added my app. I think to add and LTI application, you need to use the method of installing the app using either the client_id or the LTI URL. (Because of all the other configuration parameters necessary.) If I am incorrect in my assumption here, please feel free to call me out!

Thanks again,

Mark

External OAUTH and LTI Developer Key

Did Canvas SpeedGrader comments change? (Only show...

Link a MasteryConnect Assessment to an existing Ca...

Answering Canvas Messages In Outlook / by Email

Best way to NOT have to cross list but to assign g...

remove question banks at account level

Canvas stuck on loading screen for all classes

What is latest Update on LaTeX accessibility for s...

Canvas UI different between Kids

Did Canvas SpeedGrader comments change? (Only show...

How do I contact my customer success manager or en...

You're signed out

External OAUTH and LTI Developer Key

Community Help

View our top guides and resources: