LTI 1.3 allows learners to access Masterplan content directly from their LMS β without needing to log in again. This is based on a secure authentication standard called OpenID Connect (OIDC).
π§ What happens during access?
- User clicks a Masterplan link in the LMS
- β The LMS detects: βThis is an external LTI tool launch (Masterplan)β
- OIDC Authentication Request
- β The LMS sends a secure login request to Masterplan.
- β This request includes information like:
- Who is the user?
- What is their role (e.g. learner, instructor)?
- What course/content is being requested?
- Masterplan verifies the request
- β Masterplan checks that the request is valid and trusted.
- β If successful, the user is logged in automatically via Single Sign-On and granted access to the content.
π Security Features
- Every request is signed using a JWT (JSON Web Token).
- Only verified LMS platforms with a valid setup can access content.
- No passwords are shared β identity is confirmed securely via tokens
Notes on implementation
- The faster we receive the necessary data, the faster implementation can begin.
- We cannot influence delays beyond our control (e.g., due to third-party systems).
- Support in third-party systems is only possible to a limited extent, as we cannot assume any responsibility there.
- In order to ensure that everything runs as smoothly as possible, we ask that you involve the necessary people on your side at an early stage, be it your IT department or any LMS service providers.