cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Community Member

Imported apps have 'issues'

I have imported many, many apps from another course and, apparently, some have 'issues' - specifically...

The security parameters for the external tool ************ need to be set in Course Settings.

Does anyone know what that means and how I can resolve it? I don't think it is about keys/secrets as there are apps with this issue that do not require key/secret.

Advice gratefully received.

Tags (3)
14 Replies
Highlighted
Navigator

It probably is related to the key or shared secret.

That error message shows up when either the key or secret is set to "fake". Here's the relevant portion of the source code: canvas-lms/context_external_tool_importer.rb​. Lines 20-22 do the check for "fake" and give the warning if it's "fake", but the real story is in lines 48 and 49. They set the value to 'fake' when not provided. This part of the code is handling an import from a migration. Was the course you imported these from done through a course copy or was it part of a migration from another LMS or possibly from a file?

I'm not familiar enough with the code and Ruby to know exactly what's happening, but it sure sounds like it's looking for something, even if it's anything, to be put into those consumer key and shared secret fields.  Backing up that assertion is the last line of How do I add an external app in a course? says (emphasis mine😞 "However, any app used by a vendor will require a key and secret provided by the vendor and need to be configured ..." The API documentation says the consumer key and shared secret are required fields.

Highlighted
Community Member

Thanks, james@richland.edu. I imported courses/modules, etc. from the Commons, so maybe that is where the problem has arisen; maybe I can delete the app and then add the app without it affecting the content in the courses...

Highlighted

Dr. Rimmer:

Even when working with LTI apps that do not require a shared secret or a key, I have best results when I put something in those fields. Typically I just add "12345", or even the word "none", and the app loads fine.

I hope this helps,

KLM

Highlighted

Me too. I usually just enter "none" for both. But, for the specific apps mentioned, the installation process probably doesn't even give you the opportunity, at least, not if those apps are white-listed in the institution's app center. Some of those zero security things like Editor Buttons just install themselves, and who knows what ends up in the key:secret fields. I think this should be considered a bug.

Highlighted
Community Team
Community Team

drimmer@bromsgrove-school.co.uk​, to follow onto james@richland.edu​'s helpful advice, can you provide some examples of which apps from the Edu Apps Center are giving you this message? I suspect that the external apps in question will need to be newly reconfigured upon course copy, but would like to work with a specific example.

(Also, for anyone else coming across this question, the errors are occurring in a Free For Teachers account--so account settings are not an option.)

Highlighted
Community Team
Community Team

I wonder if this is a case of an app installed at the account level in the account where the content shared to Commons was originally created and that app not being installed at the account level in FFT is causing an issue?

Highlighted

Let me preface this with "I know nothing about Commons". But from a security perspective, it would make total sense (actually be required) to strip any consumer_key or shared_secret out of shared content that could be accessed by someone other than the person who shared it.

Highlighted

I see that Dr. Rimmer marked as helpful "How do I manage an Edu App Center whitelist in Canvas? "

Highlighted
Community Member

My goodness, I step away for a day and four kind people all come to help me - thank you very much, stefaniesanders, scottd@instructure.com​​, kelley.meeusen@cptc.edu​, and james@richland.edu.

Here are the issues:

The security parameters for the external tool "Flat World Knowledge" need to be set in Course Settings.

The security parameters for the external tool "Learn360" need to be set in Course Settings.

The security parameters for the external tool "Learning Registry" need to be set in Course Settings.

The security parameters for the external tool "MITocw" need to be set in Course Settings.

The security parameters for the external tool "NYTimes" need to be set in Course Settings.

The security parameters for the external tool "Pixton Comic Maker" need to be set in Course Settings.

The security parameters for the external tool "Quizlet" need to be set in Course Settings.

The security parameters for the external tool "SoftChalk" need to be set in Course Settings.

The security parameters for the external tool "Storify" need to be set in Course Settings.

The security parameters for the external tool "TED Ed" need to be set in Course Settings.

The security parameters for the external tool "YouTube" need to be set in Course Settings.

The security parameters for the external tool "YouTube Uploader" need to be set in Course Settings.