As the stewards of your students’ data, we know you care deeply about the privacy and security implications of adopting new EdTech tools. With the depth of integration LTI tools can install, there are a lot of technical details which can affect what data is shared. This guide aims to help you understand the settings so that you can make informed decisions about what access to grant.
On the Developer Key under Additional Settings the key can be set to have a Privacy Level of Public or Private. Note that setting the value to something other than what is suggested by the tool provider may prevent services from working, for example if launches are Private then the tool will not be able to properly update the gradebook, even if the “Can create and view assignment data in the gradebook associated with the tool” permission is allowed.
The default information sent in all launches designated as Private includes:
- Resource Link Request
- The ‘title’ or the name of the account, course, or assignment the tool is being launched from
- ID of the resource
- Description of the resource
- The deployment ID of the tool
- The type of context the tool was launched from
- Information about the context the tool was launched from (for example, if it is a course, the course’s name and title)
- The user’s standard LTI role (Administrator, Instructor, User, etc., no custom roles)
- The Canvas Placement Name from which the tool was launched
If the launch is designated as Public it will additionally include:
- The user icon
- The user’s email address
- The username
- The user’s given name
- The user’s family name
- The SIS ID of the user
- The SIS ID of the course
In addition to this information, there are four main setting areas to keep an eye on which can impact what data is shared. We’ll go through each in depth below. The four areas are:
- Permissions (Scopes)
- Deployments
- Placements
- Variable Expansions
Permissions
This section defines the specific placements that belong to each placement category listed below. These categories are used throughout this documentation to indicate where a feature or substitution variable is supported. For example, when a variable is described as working in courses, it applies to all placements included in the corresponding course placement category defined here.
Permission | Description | 1EdTech Spec |
|---|
Can create and view assignment data in the gradebook associated with the tool. | Tools can create and view the maximum score set for an assignment, the date submissions will start being accepted and the date submissions will stop being accepted. | https://purl.imsglobal.org/spec/lti-ags/scope/lineitem |
Can view assignment data in the gradebook associated with the tool. | Tools can view the maximum score set for an assignment, the date submissions will start being accepted and the date submissions will stop being accepted. | https://purl.imsglobal.org/spec/lti-ags/scope/lineitem.readonly |
Can view submission data for assignments associated with the tool. | Tool can view a given assignment’s results including user IDs, users’ scores, and the maximum possible score, as well as any comments visible to a student about the score. | https://purl.imsglobal.org/spec/lti-ags/scope/result.readonly |
Can create and update submission results for assignments associated with the tool. | Tool can create and edit a given assignment’s results including user IDs, users’ scores, and the maximum possible score, as well as comments visible to a student about the score.
| https://purl.imsglobal.org/spec/lti-ags/scope/score |
Can retrieve user data associated with the context the tool is installed in.
| - The tool can view the Course’s short name or code as well as the full name of the course
- The tool can view information about members of the course the tool is available in. The data available is below:
- All tools
- Locale (language)
- API ID
- Primary login username
- The user’s language and timezone
- Membership state in the course
- LTI ID
- Roles in the current context
- Tools with privacy set to ‘public’ or ‘name_only’
- Full name
- Given name
- Family name
- SIS ID
- Tools with privacy set to ‘public’ or ‘email_only’
- Tools with privacy set to ‘public’
- Email address
- Avatar
| https://purl.imsglobal.org/spec/lti-nrps/scope/contextmembership.readonly |
Can update public jwk for LTI services.
| - Canvas specific scope, allows the tool to update the public JWT
- No user data provided. This is used for authentication of the app with Canvas.
| |
Can look up Account information.
| - Allows access to Canvas LTI Account API
- Tools can view the account ID, name, UUID, the account’s parent’s name, the root account ID, and the state of the account.
| |
Can view Progress records associated with the context the tool is installed in. | - Allows access to Canvas LTI Progress API
- The tool can view the progress of asynchronous API operations such as when they started, updated, if they are complete, and if they were successful. No user data is provided.
| |
Can view the content of a page the tool is launched from. | - Allows use of the Canvas lti.getPageContent postMessage
- This enables a tool to request the entire content of a page as HTML. This is currently only supported by the Top_Navigation placement when launched from Assignments and Wiki pages. It is typically used for AI enabled tools.
- The user’s locale, timezone and high contrast settings are shared.
| |
Deployments
In general, tools only get access to information when they are launched, and only about the context from which they are launched and the user who launched them. If a tool is only installed in Course A, it will not get information about Course B. If a tool is only used on Assignment A, it will not get information about Assignment B. Similarly, tools will only have access to update information related to assignments they are used in.
Additionally, tools will only have access to information about the user who launches the tool for any placement with the exception of launches from the Student Context Card placement, which will provide the ID of the student from whose card the tool is launched.
Placements
Many substitution variables are only available in certain placements. We’ve grouped the kinds of placements below to make it easier to understand which substitution variables work in which locations. A document showing screenshots of each placement can be found here.
Placements | Substitution Variables |
|---|
Course Placements | - Course Navigation
- Course Home Sub Navigation
- Course Settings Sub Navigation
- Assignment Index Menu
- Course Assignments Menu (Supports Deep Linking)
- Migration Selection (Supports Deep Linking)
- Sync Grades
- Editor Button (Supports Deep Linking)
- Collaboration (Supports Deep Linking)
- Discussions Topic Menu
- Discussions Index Menu
- Quiz Menu
- Quizzes Index Menu
- Page Menu
- Pages Index Menu
- Top Navigation
- Assignments Group Menu
- Link Selection (Supports Deep Linking)
- Modules Index Menu (Tray)
- Modules Index Menu (Modal)
- Module Menu
- Module Group Menu
- Module Menu Modal (Supports Deep Linking)
|
File Management Placements | - File Menu
- Files Index Menu
|
Assignment placements | - Assignment Edit
- Assignment Selection (Supports Deep Linking)
- Assignment view
- Assignment menu
- Homework Submission (Supports Deep Linking)
- Submission Type Selection (Supports Deep Linking)
- Editor Button (Supports Deep Linking)
|
Other placements | - Global Navigation
- Account Navigation
- Tool Configuration
- Student Context Card
- User Navigation
|
Variable Expansions
The final way that data can be shared with tools is through variable expansions. To see technical documentation about all variables Canvas offers, see here. This list aims to provide general categories of variables and the types of information they provide, as well as the placements these variables work in.
Variable | Details |
|---|
Account information | Provides data about the Canvas account. These variables work anywhere in Canvas |
Analytics Information | Provides information used by xAPI and caliper for analytics. - Works in Courses
- Works anywhere
|
Assignment information | Provides information about a specific assignment owned by the tool. Does not include user information related to the assignment. These variables only work within assignments. - com.instructure.Assignment.lti.id
- com.instructure.Assignment.description
- com.instructure.Assignment.allowedFileExtensions
- com.instructure.Assignment.anonymous_grading
- com.instructure.Assignment.restrict_quantitative_data
- Canvas.assignment.id
- Canvas.assignment.description
- Canvas.assignment.title
- Canvas.assignment.pointsPossible
- Canvas.assignment.unlockAt.iso8601
- Canvas.assignment.lockAt.iso8601
- Canvas.assignment.dueAt.iso8601
- Canvas.assignment.earliestEnrollmentDueAt.iso8601
- Canvas.assignment.allDueAts.iso8601
- Canvas.assignment.published
- Canvas.assignment.lockdownEnabled
- Canvas.assignment.allowedAttempts
- ResourceLink.available.startDateTime
- ResourceLink.available.endDateTime
- ResourceLink.submission.endDateTime
|
Context information | These provide information about the context from which the tool is launched. They work anywhere in Canvas. - com.instructure.Course.allow_canvas_resource_selection
- com.instructure.Course.available_canvas_resources
- Context.title
- Context.sourcedId
- com.instructure.Course.accept_canvas_resource_types
- com.instructure.Course.canvas_resource_type
- com.instructure.Course.canvas_resource_id
- Context.id
- com.instructure.Context.globalId
- com.instructure.Context.uuid
|
Course information | Information about the course the tool is launched from. This does not include information about individuals within the course. These only work within Course Placements, Assignment Placements, and File Management Placements when accessed within a course.
- CourseOffering.sourcedId
- Context.id.history
- Canvas.course.id
- vnd.instructure.Course.uuid
- Canvas.course.name
- Canvas.course.sisSourceId
- com.instructure.Course.integrationId
- Canvas.course.startAt
- Canvas.course.endAt
- Canvas.course.workflowState
- Canvas.term.startAt
- Canvas.term.endAt
- Canvas.term.name
- Canvas.term.id
- CourseSection.sourcedId
- Canvas.enrollment.enrollmentState
- com.instructure.Course.gradingScheme
- Canvas.course.previousContextIds
- Canvas.course.previousContextIds.recursive
- Canvas.course.previousCourseIds
- com.instructure.contextLabel
|
File Management Information | Information about files within Canvas’ file management system. These only work within File Management Placements - Canvas.file.usageRights.name
- Canvas.file.usageRights.url
- Canvas.file.usageRights.copyrightText
- Canvas.file.media.id
- Canvas.file.media.type
- Canvas.file.media.duration
- Canvas.file.media.size
- Canvas.file.media.title
|
Global Information | Technical information for tools, does not include user or account information. These work anywhere. - com.instructure.PostMessageToken
- ToolConsumerInstance.guid
|
Group information | Information about a group. Does not include students who are members of the group. - Work in Courses and Assignments
- com.instructure.Course.groupIds
- Canvas.group.contextIds
- Works in Assignments
- com.instructure.Group.id
- com.instructure.Group.name
|
Module Information | Information about modules. Works within most Course and Assignment Placements when the object can be part of a module. - Canvas.module.id
- Canvas.moduleItem.id
|
Observer Information | Information about users who are observing a course. Works only within Course and Assignment Placements. - com.instructure.User.observees
- com.instructure.Observee.sisIds
|
Plagiarism detection information | Information used by plagiarism checkers. This does not include user specific information.
- Work in assignments
- com.instructure.OriginalityReport.id
- vnd.Canvas.OriginalityReport.url
- vnd.Canvas.submission.url
- vnd.Canvas.submission.history.url
- com.instructure.Submission.id
- com.instructure.File.id
- Work anywhere
- LtiLink.custom.url
- ToolProxyBinding.custom.url
- ToolConsumerProfile.url
|
RCE information | Information about the Rich Content editor. The com.instructure.Editor.contents does include information provided by the user in the rich text editor, so if the user includes their name or personal information in that field it will be shared.
- Works in the Editor Button placement
- com.instructure.Editor.contents
- com.instructure.Editor.selection
- Works anywhere
- com.instructure.RCS.app_host
|
Resource Link information | Information about resource links, which provide links to content. Tools can only access resources which they have created. No user information or account information is shared. - Work within Assignments only
- ResourceLink.id
- ResourceLink.description
- Work anywhere
|
Roles and Permissions information | Information about the permissions and roles both the types available in the account and for specific users if requested (tool must provide user ID to request for an individual user.) These variables work in all placements. - com.Instructure.membership.roles
- Canvas.membership.roles
- Canvas.membership.concludedRoles
- Membership.role
- Canvas.xuser.allRoles
- com.instructure.User.allRoles
- Canvas.user.isRootAccountAdmin
|
Section information | Information about sections. Does not include a list of all users within a section, but can provide a section given a user. Works within Course and Assignment placements.
- com.instructure.User.sectionNames
- Canvas.course.sectionIds
- Canvas.course.sectionRestricted
- Canvas.course.sectionSisSourceIds
|
Submission information | Information about the number of submissions a student has made on a specific assignment. Works within Assignments. - Canvas.assignment.submission.studentAttempts
|
Tool information | Information about how the tool is set up in Canvas. Works anywhere.
- Canvas.externalTool.global_id
- Canvas.externalTool.url
|
User Details | Information about the user including accounts they are an admin in, their pronouns, timezone, preference for high contrast, and timezone. These variables work anywhere.
- Canvas.user.adminableAccounts
- Message.locale
- Canvas.user.prefersHighContrast
- User.image
- com.instructure.Person.pronouns
- Person.address.timezone
|
User email | The user’s email address. These variables work anywhere. - Person.email.primary
- vnd.Canvas.Person.email.sis
|
User ID | Various IDs representing a user. These variables work anywhere. - User.id
- Canvas.user.id
- vnd.instructure.User.uuid
- vnd.instructure.User.current_uuid
- Canvas.user.globalId
- Canvas.user.sisSourceId
- Canvas.user.sisIntegrationId
- Person.sourcedId
- Canvas.masqueradingUser.id
- Canvas.masqueradingUser.userId
- User.username
- Canvas.user.loginId
|
User Session | Information about the user’s Canvas session. These variables work anywhere.
- com.instructure.User.student_view
- Canvas.logoutService.url
|
User Name | The user’s name. These variables work anywhere. - Person.name.full
- Person.name.display
- Person.name.family
- Person.name.given
- com.instructure.Person.name_sortable
|