-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with JWKS #83
Comments
Sorry this won't help much, but I've based my app on the Flask example and I've successfully reported grades to Canvas, Moodle, and Blackboard and I'm only ever using JWK URLs. An invalid keys error from the LMS would refer to keys for the opposite direction - does the app have the LMS's key OK? |
@hmoffatt are you able to share any details of how you configured your tool to work with Canvas? I'm running the Django sample app and it seems that all calls to LTI Advantage services are failing with a "401 user authorization required" error from Canvas. |
The app has the correct LMS keys setup because if I setup the public key (instead of jwks URL) on the LMS, it works. |
I actually found that my problem was related to a known issue with Instructure-hosted Instead I installed my sample tool in our Instructure-hosted production instance and it works fine there. Some details in this thread. |
Aha. I'm testing with a self-hosted Canvas so I didn't see this issue. (I only have access to the free hosted Canvas, and it doesn't allow for site admin access and hence LTI 1.3 can't be used.) |
Hi,
I have an LTI 1.3 tool that I'm connecting to different LMSes for launching a webpage and then reporting grades back.
On the LMS side, you can usually set up either a JWKS URL or a public key for the tool connection.
If I set up the public key in pem format everything works fine. If instead I set up a JWKS URL, I get 400 errors when reporting a grade back to the LMS (tested with Avendoo and https://saltire.lti.app/platform).
My code is based on the Django example, I'm using the GET /jwks URL.
A call to GET /jwks seems to return a valid response that I can even transform to pem:
From the LMS side, I don't get many details on the error, just "invalid key".
Has anyone made this work or can point me to a way to get more details on the issue?
The text was updated successfully, but these errors were encountered: