Community help

mohammad-fard · ‎04-05-2021

Hi

I'm an external tool developer. We've implemented LTI 1.3 specs for our tool but have a problem with deep linking with Canvas.

We've created a course as an instructor and inside of the course created an assignment. For submission type, We've selected an external tool, and when we clicked the "find" button and select our tool another window shows our HTML. On our page, the students should select a button and after that, the tool returns a JavaScript with auto-submit functionality. The problem is when it post encoded deep linking return message as a JWT with proper parameters to "deep_link_return_url" we get an error in Canvas.

The return URL is "https://OURNAME.instructure.com/courses/12/deep_linking_response?modal=true" and we post JWT to this URL.

Our sample JWT has these parameters and it encoded with the tool private key.

What should we do to overcome this issue and send a proper message to Canvas?

svickers2 · ‎04-06-2021

Another couple of things to check:

Did the deep linking request include a data property in the https://purl.imsglobal.org/spec/lti-dl/claim/deep_linking_settings claim? If so, this should be included in the response as a https://purl.imsglobal.org/spec/lti-dl/claim/data claim.
Is the endpoint which has been configured in Canvas for accessing your public key working? Try navigating to it directly and make sure a key is returned with the same kid value as being used for signing your message.

View solution in original post

matthew_buckett · ‎04-06-2021

The data encoded in the JWT you are sending back looks fine (a very similar JWT works fine for me).

I have seen the error you are encountering when I was sending back the JWT using a lowercase form parameter 'jwt' instead of an uppercase one 'JWT'. Could that be what's wrong in your case?

This part of the specification: https://www.imsglobal.org/spec/lti-dl/v2p0#deep-linking-response-message says that it has to be uppercase.

mohammad-fard · ‎04-07-2021

@matthew_buckett Thanks for the replay, the name is in uppercase.

This is the script that we use to send JWT back to Canvas.

<form id="lti13_deep_link_auto_submit" action="https://OURNAME.instructure.com/courses/12/deep_linking_response?modal=false" method="POST"><input type="hidden" name="JWT" value="TOKEN_VALUE" /><input type="submit" name="Go" /></form><script type="text/javascript">document.forms['lti13_deep_link_auto_submit'].submit();</script>

svickers2 · ‎04-07-2021

Try not giving your submit button a name so that it does not get included in the POST data. Have you checked the signature of your JWT against your published public key?

svickers2 · ‎04-06-2021

Another couple of things to check:

Did the deep linking request include a data property in the https://purl.imsglobal.org/spec/lti-dl/claim/deep_linking_settings claim? If so, this should be included in the response as a https://purl.imsglobal.org/spec/lti-dl/claim/data claim.
Is the endpoint which has been configured in Canvas for accessing your public key working? Try navigating to it directly and make sure a key is returned with the same kid value as being used for signing your message.

mohammad-fard · ‎04-07-2021

@svickers2 Thanks for the replay

1: The deep linking request has not data property.

2: The endpoint is working and I have checked kid values, they are the same.

mohammad-fard · ‎04-11-2021

@svickers2 As you mentioned, it seems the problem was Canvas hadn't accessed our public key because of using a self-sign SSL certificate in our public key endpoint. After we paste our public key details in the developer key instead of using the public JWK URL, the problem is gone. thanks.

pvemula · ‎03-25-2024

If the deep linking request has the data property in the https://purl.imsglobal.org/spec/lti-dl/claim/deep_linking_settings claim but instead of having the data property as a key value pair if the data property is in the query params of the deep_link_return_url property (example. "deep_link_return_url":"https://OURNAME.instructure.com/courses/12/deep_linking_response?data=xyz&modal=true")

If so, should this also be included in the response as a https://purl.imsglobal.org/spec/lti-dl/claim/data claim

matthew_buckett · ‎04-07-2021

If I put an incorrect key in my developer key settings I get:

{"errors":{"jwt":[{"attribute":"jwt","type":"JWT verification failure","message":"JWT verification failure"}]}}

when I try to return a content item.

The only way it breaks in the same way for me is if I'm not sending the JWT back correctly (form parameter issue), but it looks like it's all correct from the snippet you sent. I send content items back like this (React):

      <form action={returnUrl} method='POST'>
        <input type='hidden' name='JWT' value={this.state.jwt} />
        <input type='submit' value='Go' />
      </form>

I am not auto-submitting at the moment as I was debugging some things.

My return URL is very similar (just different deployment and course).

deep linking

deep linking

LTI 1.3

LTI Advantage

Integrate a React App (Not Canvas) to be Canvas LM...

Donot have valid data to test certain APIs

Getting Canvas LTI Data

Prevent Faculty From Using "EX" grade in Gradebook

Can you using "People" Lists to display Observed U...

UI for weekly progression idea

Is the ‘Enable self assessment’ field available in...

Canvas Rubrics API Criteria

api/v1/courses/sis_course_id:{id#}/sections - Not ...

add `desc` or `asc` to a few api calls that are al...

You're signed out

deep linking

Community help

View our top guides and resources: