What is "tool proxy guid" and correct "grant_type"

Community Member

I'm trying to build an app that automatically tests user marks and sends emails for some users based on their marks. For that, I need to use the Web Hooks Subscriptions API and as stated in that document I have to use the JWT authentication. For that, I started testing method 2.0 mentioned in the JWT Access Tokens for LTI2 Tools document. But I'm facing few issues.

1. To create a signed JWT in need following data:

my_jwt = {
  "sub": "123123-ad13-ac233", // tool proxy guid
  "aud": "https://my.canvas-domain.com/api/lti/accounts/1/authorize", // authorization URL used for authorization request
  "exp": 1486393868, // expiration time
  "iat": 1486393800, // issued at
  "jti": "688700c2-4bc1-40b7-83e5-7cbf54f93305" // Random UUID for request

But it is not clear what is "tool proxy grid"

2. I tried authorization code with test dummy values for above as follows:

const data = {
jti: '688700c2-4bc1-40b7-83e5-7cbf54f93305',

const token = jwt.sign(data, 'my-secret',{
algorithm: 'HS256',
expiresIn: '1h',
audience: '<my-custom-canvas-instance-url>/api/lti/accounts/1/authorize', // authorization URL used for authorization request
subject: '123123-ad13-ac233', // tool proxy guid

try {
const apiResp = await axios({
method: 'post',
url: '<my-custom-canvas-instance-url>/api/lti/accounts/1/authorize',
data: {
grant_type: 'authorization_code',
assertion: token,
console.log('apiResp : ', apiResp);
return res.status(200).send({ apiResp });
} catch (err) {
console.log('Something went wrong. Error : ', err.response.data.error);
return res.status(500).send({ error: err.response.data.error });

But it gives me an error saying "invalid_grant", So what should be the correct grant type?

3. For signing the above jwt token, what secret should I use, and where can I get it? 
> 'my-secret' in the above code snippet.

I'm quite new to this domain and please help me. Thanks.

Labels (1)