This is a small LTI 1.3 tool that can be installed.
To run the Spring Boot application, we need to have a bean of type:
Hence, we need to create a config folder in the root directory and inside that we need to add an
To setup TLS in a development environment it's recommended that you install mkcert which will install a trusted root certificate and then allow a certificate to be generated for localhost. Once installed run this in the root of the project:
mkcert -pkcs12 -p12-file config/keystore.p12 localhost
Then start the application with the ssl profile enabled and the LTI tool should be accessible on https://localhost:8443/
For LTI 1.3 a public/private keypair is needed. To generate one for development use:
keytool -genkeypair \
-alias jwt \
-keyalg RSA \
-keystore config/jwk.jks \
-storepass store-pass \
-dname CN=development
Go to you account and add a LTI Developer Key, fill in the following:
- Key name: Name of your tool's key (eg LTI 1.3 Tool Key)
- Owner email: your email.
- Redirect URIs: https://server/lti/#
- Method: Paste JSON
- LTI 1.3 Configuration: Go to https://server/config.json and copy and paste the content into this field.
Open the file config/
and add these properties or copy config/
- replace the client-id value (1234) with the ID of the LTI Developer Key you have created.
- you can update the URIs to point to the canvas instance you are using, but it works fine using the
There is a reference implementation for testing LTI integrations available at which allows you to create a Platform to perform test launches with. These instructions assume you are running the tool on https://localhost:8443/
- Open Generate Keys in a new tab and keep this tab open.
- Open Manage Platforms in a new tab
- Click Add Platform.
- Add a unique name for your Platform.
- Provide a OAuth2 client id. (ex: 12345)
- Add a audience (ex:
- Set Tool Deep Link Service Endpoint to https://localhost:8443/
- Copy Public key from Generate Keys tab and paste into Platform Public Key field
- Copy Private key from Generate Keys tab and paste into Platform Private Key field
- Run
keytool -list -rfc -keystore config/jwk.jks -alias jwt -storepass store-pass
at the root of the project and copy the certificate into to Tool Public Key field. - Click Save
- Find your Platform in the list of Platforms
- View your Platform
- Click Platform Keys
- Click Add Platform Key.
- Create a name for your Platform Key (ex: Key 1)
- Add Deployment ID (ex: 1, you may set up multiple later)
- Click Save
Add a oauth registration/provider for the LTI RI platform to
Update OAuth2 client id (
), same value as Platform above (ex: 12345) -
In Platform tab, navigate to your platform
Click View Platform
Click Platform Keys
Copy well-known/jwks URL endpoint
Update JWT URI (
) with the copied value. -
In Platform tab, navigate to your platform
Copy the OAuth2 Access Token URL value
Update Token URI (
) with the copied value. -
Copy the OIDC Auth URL from Platform Page
Update Authorization URI (
) with the copied value.
Step 5: In Platform tab, view your Platform
Click Courses
Click Add Course
Populate course values in form
Click save
Navigate back and view your Platform
Click Resource Links
Populate resource link values in form
For Tool link url, use https://localhost:8443/
For Login initiation url, use https://localhost:8443/lti/#_initiation/ims-ri
Click Save
Navigate and view your Platform
Click Resource Links
Click Select User for Launch
Click on Launch Resource Link (OIDC) for a user
Click on Post request
Click on Launch Resource Link
Click on Perform Launch
If configuration is setup correctly, you should see Successful Launch at top of page