4.20.5. Configuring Open edX User Authentication for LTI#

Every learner who accesses content on an Open edX system must have a user account. The Open edX system uses the accounts to collect data for learner interactions with course content.

After you configure your edX instance as an LTI tool provider, you can configure Open edX user authentication between your Open edX installation and an LTI tool consumer.

For more information about the authentication flows that are available, see Options for LTI Authentication and User Provisioning.

4.20.5.1. Configure Open edX User Authentication for LTI#

To configure Open edX user authentication between your Open edX installation and an LTI tool consumer, follow these steps.

Note

A consumer key and secret are required. The Django administration console provides a hexadecimal string for the secret, but does not provide a hexadecimal string for the key. You must use an external tool to generate the key.

  1. Sign in to the Django administration console for your base URL. For example, http://{your_URL}/admin.

  2. In the Third_Party_Auth section, next to Provider Configuration (LTI) select Add.

  3. Select Enabled.

  4. Enter the Name of your Open edX system, as you want it to appear on the registration page that is presented to learners who access Open edX content from this LTI tool consumer.

  5. To customize the registration process for learners, you can make selections for these optional fields.

  • Skip Registration Form: If you select this option, users are not asked to confirm any user account data that is supplied for them by the LTI tool consumer (name, email address, and so on).

    By default, this option is cleared and learners review a registration form with the account details supplied by the tool consumer.

  • Skip Email Verification: If you select this option, users are not required to confirm their email addresses, and their accounts are activated immediately upon registration.

    By default, this option is cleared and learners receive an email message and must select a link in that message to activate their user accounts.

  1. Enter the following information.

  • Lti consumer key: Enter the hexadecimal string of the key.

  • Lti consumer secret: The system generates a hexadecimal string value for this field. Alternatively, you can replace it with a secret generated by an external tool.

  1. Optionally, change the default value for the Lti max timestamp age.

  2. Select Save at the bottom of the page.

4.20.5.2. Test LTI Authentication#

To verify the sign in process for an LTI provider configuration, follow these steps.

  1. Have the LTI consumer key and secret for the LTI provider configuration available. For example, use the Django administration console to open the Change Provider Configuration (LTI) page.

  2. Use a separate browser window or tab to open the IMS LTI 1.1 Consumer Launch page.

  3. As the Launch URL, enter your base URL followed by /auth/login/lti/. For example, http://{your_URL}/auth/login/lti/.

  4. Copy the Lti consumer key value, and then on the IMS LTI 1.1 Consumer Launch page paste it in as the Key.

  5. Copy the Lti consumer secret value, and then on the IMS LTI 1.1 Consumer Launch page paste it in as the Secret.

  6. Optionally, change the default values in the Launch Data section of the IMS LTI 1.1 Consumer Launch page to match the set of values that the tool consumer is configured to supply.

  7. To test the workflow for a learner who does not yet have a user account on your Open edX system, follow these steps.

    • Use a separate browser window or tab to make sure that you are signed out of your Open edX LMS.

    • On the IMS LTI 1.1 Consumer Launch page, select Recompute Launch Data and then select Press to Launch.

    The page that is configured for delivery to an unauthenticated user loads at the bottom of the page. In the example that follows, the registration page appears (that is, it was not configured to be skipped) and the learner is prompted to complete required fields.

    Screen shot of the IMS LTI 1.1 Consumer Launch page with the registration page for the edX Edge loaded at the bottom.
  8. To test the workflow for a learner who already has a user account on your Open edX system, follow these steps.

    • Use a separate browser window or tab to sign in to your Open edX LMS.

    • On the IMS LTI 1.1 Consumer Launch page, select Recompute Launch Data and then select Press to Launch.

    Your Open edX user account is linked to the LTI provider configuration, and your learner dashboard on the Open edX site loads at the bottom of the page. To unlink your user accounts, select the arrow next to your username, and then select Account. In the Connected Accounts section, select Unlink next to the LTI provider configuration name.