Versions Compared

Old Version 1

changes.mady.by.user Daniel McCallum

Saved on

compared with

New Version 2

changes.mady.by.user Daniel McCallum

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Overview

As of v2.5.2 and v2.6.0, SSP ships with an implementation of an IMS LTI v1.0 Tool Provider (TP). This allows for point-to-point, inbound SSO into SSP in much the same way as the legacy "Signed URL SSO" mechanism, but in a standards-compliant fashion. The LTI standard is so widely adopted that the SSP team expects LTI to quickly become SSP's most commonly used inbound SSO protocol for tool-to-tool integrations since it typically requires no custom code development.

...

Tool Consumer Configuration Step 3 - Browse the Updated LTI Consumer List

If the save was successful, the new TC list should resemble the following:

Image Added

Tool Consumer Configuration Step 4 - Edit the LTI Consumer

If you decide you need to make changes to the TC, double click the corresponding row in the list view.

Deleting the secret will effectively disable the TC, as will deselecting the Active checkbox.

Image Added

Testing a Tool Consumer

Each TC implementation will have its own unique process for configuring a TP record, so documenting those clickpaths is outside the scope of this document. In general, though, the TC configurer will need to know the:

  1. Consumer Key - Configured above
  2. Consumer Secret - Configured above
  3. Launch URL - See below

SSP LTI Tool Provide Launch URLs

SSP launch URLs are of this form:

No Format
<base>/ssp/api/1/lti/launch/{launch-mode}</target/{target-id}>

launch-mode is required. There are two supported launch-mode values:

  1. live - Sends end user to requested SSP user interface
  2. test - Returns diagnostic information about the launch request handling as JSON

The /target/{target-id} fragment is optional. There are several supported target-id values:

  1. default - Sends user to her default Platform portlet
  2. eaea.roster - Sends user to the Early Alert portlet's roster view, with the specified roster, if any, pre-selected. User will receive an error message and an option to see all her rosters if the specified roster cannot be found.
  3. ea.formea.new - Sends user to the Early Alert portlet's Early Alert submission form. Not typically useful for a OOTB LTI integration because it requires passing the targeted student's identity, not just the launching user's identity.
  4. ssp - Sends the user to the SSP portlet
  5. mygps - Sends the user to the MyGPS portlet
  6. reports - Sends the user to the Reports portlet

If the user does not have permissions to render the specified portlet, she will be sent to her default portlet.

If the launch itself fails for any reason in live launch-mode, the user will receive a brief error message and an error code. If proved to system administrators, that error code can be correlated with stack traces in the SSP logs, which will provide detail on exactly what went wrong.

When launched in test launch-mode the TC will return a 200 status code and a JSON document structured as follows:

No Format
{
    "result_code": <string>,   // Either 'OK' or 'FAILURE'
    "result_description": <string>|null
}

If the launch was successful, result_description will contain the URL to which the end user would have been redirected in live launch-mode. In the launch was unsuccessful, result_description will contain a slightly more detailed message than live mode, but logs will still need to be consulted for complete detail.

For example, the simplest "live" URL, which will attempt to redirect the end user to her default SSP user interface:

No Format
https://ssp.institution.edu/ssp/api/1/lti/launch/live

The corresponding "test" URL:

No Format
https://ssp.institution.edu/ssp/api/1/lti/launch/live

To target the Early Alert portlet with a "live" launch:

No Format
https://ssp.institution.edu/ssp/api/1/lti/launch/live/target/ea

Ad Hoc Tool Consumer Testing

Charles Severance's online LTI testing tool is often a fine starting point for verifying the TP configuration independently of the "real" TC you intend to use. The online version is often sufficient for simple configurations leveraging standard LTI launch params. For more complex usages, you may need to hack and run the PHP source locally:

  1. https://source.sakaiproject.org/svn/basiclti/trunk/basiclti-docs/resources/docs/sakai-api-test/
  2. https://github.com/csev/sakai-lti-test/