The LTI adapter type is an Oauth 1.0 signed request which conforms to the LTI 1.1 standard. In an LTI 1.1 launch, you must provide either the lis_person_sourcedid or ext_user_username property containing the batch_uid/external ID of the user to log in. You may provide a Redirect Parameter to forward the user to a specific location in Blackboard.
Configure the UAS Settings
- Navigate to the UAS Settings screen.
- Select Add Authentication Adapter.
Alias | This is a unique name for the adapter and is used in URLs. The alias will be stored as all lowercase letters and should not contain any special URL characters. |
---|---|
Enabled | This toggle determines whether the adapter is available for use. |
Auth Type | LTI |
Use Outbound Adapter | Select the authentication adapter which will be used for outbound authentication to the external service. (If one is not selected, the default outbound adapter will be used.) |
Debug Enabled | This toggle determines whether debug statements are written to the logs for troubleshooting purposes. |
Restricted Users | Enter a comma-separated list of usernames which cannot use this adapter. |
Key | Enter the Oauth 1.0 key value for the signature. |
Secret | Enter the Oauth 1.0 secret value for the signature. Once saved, you cannot see the value which is saved, but you can change it. |
Redirect Parameter | Specify a parameter that will contain the URL users will be directed to after logging in. |
Disable Nonce Tracking | Select this toggle for troubleshooting purposes so you can re-use authentication requests. For security purposes, we recommend you keep this toggle deselected to keep nonce tracking enabled. |
Help Text | Enter text that will be displayed to the user while the system is provisioning or if an error occurs. This text is limited to 1000 characters. |
User Provisioning | |
Enable User Provisioning | Select this toggle to enable user creation from information provided in the request. The following parameters can be provided with the SSO link and will only be used when auto-provisioning is enabled and the user is created for the first time: |
Default System Role | Choose the system role that will be assigned to new users. Options include the standard roles (SystemAdmin, SystemSupport, CourseCreator, CourseSupport, AccountAdmin, Guest, User, Observer, Integration, and Portal) and any custom roles. |
Default Institution Role | Choose the institution role that will be assigned to new users. |
Default Data Source | Choose the data source that will be assigned to new users. |
Enrollment Provisioning | |
Enable Enrollment Provisioning | Select this toggle to enable enrollments to be auto-created if a coursed is provided and the enrollment does not exist. The following additional parameters are required when auto-provisioning enrollments for the first time: |
Course Role Default | Choose the course role that will be assigned to new users when none is provided. |
Default Data Source | Choose the data source that will be assigned to new enrollments. |
Course Provisioning | |
Enable Course Provisioning | Select this toggle to enable the system to create a course and enroll the user into the course with the specified role. To enable course provisioning, you must have enrollment provisioning enabled. If a provided external course Id (context_id) exists, the system will enroll the user into the course. The following additional parameters are required when auto-provisioning courses for the first time: |
Course Template | Enter the course ID of the template course that will be applied to the new course when copied. |
Default Data Source | Choose the data source that will be assigned to the new course. |
Custom Parameter Name for Skipping Provisioning | This identifies the name of the custom parameter (without "custom_") that will be used to determine if provisioning should be skipped on the request. Provide a Boolean value of "true" to skip the provisioning. |
- Select Save to save your configuration.
The URL for the configured adapter is https://{region}.extensions.blackboard.com/api/v2/authadapters/sites/{siteId}/auth/{alias}.