Community help

JWildman · ‎10-25-2022

I'm currently looking to integrate Canvas through LTI Advantage with a tool, mainly in order to pull course rosters through NRPS, the Names and Role Provisioning Service. I unfortunately need to build the integration from scratch, so I've been combing over the documentation provided by Canvas.

It seems to me that there are two separate flows that need to occur in order to call the NRPS API. Firstly, I need to go through the LTI Advantage Launch flow to get an id_token to get user/course info which I can use to validate the request. But then in order to call the Names and Role API, I need to go through another OAuth2 flow using client_credentials to get an access token that can then be put in the header to the Names and Role API request.

However, between the LTI launch and the Names and Role API request flow, it seems as though no information/tokens from the launch are necessary in order to make an NRPS request. Therefore, is it necessary to implement a launch in order to access NRPS? Could I theoretically authenticate using Canvas but then still be able to call NRPS so long as my tool has a client_id?

matthew_buckett · ‎10-31-2022

I think you're correct on all your assumptions. Your tool can continue to make NRPS calls once it knows the URL for a particular course. If you enable the names and roles provisioning service for your LTI Developer Key then you should get a claim of https://purl.imsglobal.org/spec/lti-nrps/claim/namesroleservice which includes the URL in the 'context_memberships_url' property that you can use. That should make your integration work across multiple LMS platforms as it doesn't depend on the Canvas specific URL patterns.

We've used the NRPS in several of our tools pretty successfully and haven't had too many problems.

View solution in original post

matthew_buckett · ‎10-31-2022

I think you're correct on all your assumptions. Your tool can continue to make NRPS calls once it knows the URL for a particular course. If you enable the names and roles provisioning service for your LTI Developer Key then you should get a claim of https://purl.imsglobal.org/spec/lti-nrps/claim/namesroleservice which includes the URL in the 'context_memberships_url' property that you can use. That should make your integration work across multiple LMS platforms as it doesn't depend on the Canvas specific URL patterns.

We've used the NRPS in several of our tools pretty successfully and haven't had too many problems.

JWildman · ‎11-01-2022

Thanks for the reply Matthew! Still a little unsure on one point though, in your tools, before making NRPS requests, do you do an LTI launch / resource link request? My assumption is that the launch is necessary to gain access to the course context / get the context memberships url and so forth, but since I've yet to find concrete information explaining this (at least viewing when canvas documentation on LTI Advantage).

matthew_buckett · ‎11-02-2022

Yeah we do have a user initiated LTI launch from the course before we attempt to use the NRPS. I don't know if Canvas blocks NRPS access until this has happened. I'm pretty sure it does block access to courses in which the LTI tool isn't enabled though. So if you only install/enable your LTI tool in a sub-account it won't have access to courses outside the subaccount.

If you don't have a LTI launch though how will you know the ID of the course to sync?

JWildman · ‎11-02-2022

Gotcha, this makes sense to me. I guess technically since the canvas LTI endpoints are known, as long as you know the course ID, you could manually input the ID and then do the NRPS request, but obviously if using NRPS on a course is dependent on having the LTI tool enabled in a course, it is probably also dependent on having initiated a launch. This helps a lot in getting a concrete understanding of the whole LTI versus Canvas flow of getting memberships. Thank you!

LTI Advantage launch vs access token for NRPS

LTI 1.3

LTI Advantage

Re: Gradebook API to fetch Scores/Grades

Canvas Data Access Platform (DAP) Python Client Li...

Donot have valid data to test certain APIs

Gradebook API to fetch Scores/Grades

Getting Canvas LTI Data

Re: Gradebook API to fetch Scores/Grades

Canvas Data Access Platform (DAP) Python Client Li...

API: filter resources on timestamp or previous-syn...

Donot have valid data to test certain APIs

API call to pull specific assignments from multipl...

You're signed out

LTI Advantage launch vs access token for NRPS

Community help

View our top guides and resources: