On further reflection, I realize we can't just simply give a Candela editor role to every user an LMS sends with an instructor role as some of our customers don't want every LMS instructor editing their master Candela courses.
Especially given that it's possible for an LMS user to connect to ANY Candela course they can guess the BLOGID for.
So far, I'm imagining that the easiest path to handle this might be to make Candela-LMS LTI role mapping configurable on the Candela side on a per course basis.
Another option I can think of is that all LTI users continue to be given the lowest Candela role (ie, subscriber), but that we provide a mechanism where a specific LTI user can request greater privileges (in such a way that we know which LTI user is making the request) and then Lumen support grants new privileges on a case by case basis.
On further reflection, I realize we can't just simply give a Candela editor role to every user an LMS sends with an instructor role as some of our customers don't want every LMS instructor editing their master Candela courses.
Especially given that it's possible for an LMS user to connect to ANY Candela course they can guess the BLOGID for.
So far, I'm imagining that the easiest path to handle this might be to make Candela-LMS LTI role mapping configurable on the Candela side on a per course basis.
Another option I can think of is that all LTI users continue to be given the lowest Candela role (ie, subscriber), but that we provide a mechanism where a specific LTI user can request greater privileges (in such a way that we know which LTI user is making the request) and then Lumen support grants new privileges on a case by case basis.
There may be other solutions.