LTI with Canvas on the wiki

[Alex-Jordan]

On this page in the wiki: https://webwork.maa.org/wiki/LTI_Authentication_(for_WeBWorK_2.18_or_newer)#Canvas_LTI_1.1_Configuration

There are screenshots for setting things up in Canvas, for both LTI 1.1 and 1.3. In both screenshots, the domain is shown to include "https://". This is also included in the text instructions.

At least in the past, this was incorrect. I was able to fix an institution's LTI 1.1 tool by having them change the domain to simply be the domain, without the protocol.

So I am wondering if someone with access to Canvas should double check those instructions on the wiki and see if it matters that you exclude the protocol.

[somiaj]

I just double checked my settings, and I do not have https:// in the Domain field, so the screenshot contradicts my setup.

[drgrice1]

I have checked my settings, and my settings DO have https:// in both the Domain and the Launch URL.

Note that the Launch URL can be left empty if the server has only one LTI external tool that is set up for it.

[drgrice1]

In my experience the tool has never worked if https:// is not there.

[Alex-Jordan]

Just to be clear, this is not about the launch URL, where it makes sense to have https. I don't want to confuse the issue by talking about how it won't work if "https" is not in the launch URL. That is all agreed.

There was at least one time (and I think several) over the past few years with Runestone subscribers where it came down to removing the "https://" from the domain to get things working. This was all with LTI 1.1. And these were instances where there was a sitewide tool/app for WeBWorK that did not specify a launch URL. But then faculty in a course could create their own LTI link/app where they simply specified a launch URL, and by virtue of the launch URL having a domain that matched the specified domain in the global tool, it would work.

But getting to basics, a domain is a domain, right? A domain does not have "http", "https", "ftp", etc. Googling, every time (3 times) I find some tool with a walkthrough for setting up its LTI app/tool in Canvas, it has you enter the plain domain without any protocol specification.

I was wondering if different versions of Canvas might be more flexible or less flexible with this. But then you are saying:

In my experience the tool has never worked if https:// is not there.

To be clear, are you saying this is your experience with "Domain"? And not mixing that with your experience with the launch URL? It's working for Jaimos without the https.

[drgrice1]

Specifically for the Domain, I have https:// (or more generally the protocol) in the setting for the external tools. This is how it is set in production, and also for my local test instance (where it is http://localhost:3005).

I just tested on the local test instance, and it doesn't matter if the http:// is there or not. It works either way. So perhaps different Canvas instances are more flexible.

[somiaj]

I can just confirm I don't use https:// in my Domain, and the instructions I share with my users doesn't include it either. I'm unsure if this was because of an issue I ran into, or I just have a version of Canvas that it doesn't matter.

[szhorvat]

I set up Canvas integration for the first time 2 days ago, before @drgrice1 responded here. It only worked if I omitted the https:// and trailing / for the Domain field, but kept it for the Launch URL. I found this solution thanks to this issue. I do not recall what the error was exactly, something about the domain not matching exactly (?). I hope this feedback is helpful.