How do we get the authentication endpoint to launch a third party tool?
Hello Udaya Thank You for posting your question. I am not sure of an answer for you, but I wanted to let you know that I am going to share your question with the Canvas Developers group here in the Community in hopes that your question will get some additional exposure. If you are not yet following this group, please use the link that I have provided, and then click on the "Follow" button at the top right corner of the screen. Also, next to that button you'll find a button called "Actions". Click that button, and then select "Join group". I hope this will be of help to you. Good luck!
Thank you, Chris!
Can you explain a bit more about what you need?
Is this an LTI launch?
Or are you wanting to verify the user using OAuth2, but not have API access? For this you can use scope=/auth/userinfo
We are looking to launch our new v1.3 tool from Canvas, as we recently received the good news that Canvas is v1.3 LTI Advantage certified! We know that in order to perform the complete launch, we'll need to complete what the LTI spec refers to as an "out of band" registration process, in which certain pieces of information are exchanged. As a tool, we would need the public key of our Canvas installation, and the OIDC authentication endpoint of our Canvas installation (as is a part of the LTI-mandated OIDC third party initiated login process). Do you know where we can find those two pieces of information?
Its only on Beta at the moment. You need to turn it on under Settings - Feature Options and then under Developer Keys : + Developer Key there is an LTI screen.
Thanks, Peter. We have taken those steps but did not see a place where Canvas' authentication endpoint nor public key could be found. Can you please advise?
We don't have any documentation yet.
Might be better to ask in the LTI 1.3 & LTI Advantage Documentation thread as Linda Feng says they have been able to test 1.3 tools.
It might be that we won't get all the information until IMS make the specification public.
Thanks, Peter. Our question is Canvas-specific, though, so I'm unsure if moving to that thread would be relevant. Perhaps we must just wait for Canvas to be ready with the info we need?
Were you able to find an answer to your question? I am going to go ahead and mark this question as answered because there hasn't been any more activity in a while so I assume that you have the information that you need. If you still have a question about this or if you have information that you would like to share with the community, by all means, please do come back and leave a comment. Also, if this question has been answered by one of the previous replies, please feel free to mark that answer as correct.
For anyone coming across this thread in the future:
Public keys are at: https://canvas.instructure.com/api/lti/security/jwks
(https://yourcanvas.instructure.com/api/lti/security/jwks also works)
Auth token endpoint is: https://canvas.instructure.com/api/lti/authorize_redirect
(https://yourcanvas.instructure.com/api/lti/authorize also works)
Access tokens for calling services can be obtained from: https://yourcanvas.instructure.com/login/oauth2/token (see OAuth2 Endpoints - Canvas LMS REST API Documentation )
Retrieving data ...