Learning Tools Interoperability (LTI) Explained: A Comprehensive Guide

In today's rapidly evolving world of online education, the ability for different learning tools and systems to work together seamlessly is crucial. Learning Tools Interoperability (LTI) has emerged as a key standard to address this need. This article provides a comprehensive introduction to LTI, explaining its core concepts, functionalities, and benefits.

Introduction to LTI

LTI stands for Learning Tools Interoperability, a standard developed by the 1EdTech Consortium (formerly IMS Global Learning Consortium). It enables seamless integration of learning tools and learning platforms, such as Learning Management Systems (LMS), without requiring custom integrations. LTI acts as a digital handshake between two systems, improving the teaching and learning experience.

Core Concepts and Terminology

To understand LTI, it's important to grasp some key concepts and terminology:

Platforms and Tools

An LTI-based ecosystem consists of two principal types of software services:

Platform: The learning platform or LMS, such as Canvas, Moodle, Coursera, or edX. In the LTI specification, the LMS side is called the platform. It is a system that needs to delegate bits of functionality out to a suite of tools.
Tool: The external resource or learning tool that integrates with the platform. On the tool side, examples range from content providers such as Khan Academy, activities providers such as Quizlet and those who have both content and activities, such as Voxy itself. The external resource is called a tool.

LTI Domain Model

LTI generally organizes collections of resources into contexts.

Read also: Understanding PLCs

Context: A learning context, often referred to as a "course." It is a collection of resources with a common set of users and roles.
Resource: A piece of content, such as a document or video, or an activity, such as a quiz or assignment.
User: A person accessing the platform and provided to the tool.
Role: The user's role within the context, such as "instructor" or "student."

Tool Deployment

Tool deployment refers to the specific instance of a tool integrated with a platform. Each deployment has a unique ID.

LTI Links

LTI links are the connections between a resource in the platform and a tool. Each link has a unique ID within the platform.

LTI Launch

An LTI launch is the process of a user accessing a tool from within the platform. It involves a secure exchange of information between the platform and the tool. The launch flow is the process that takes the user from the platform and redirects him to the tool, this may also be referred to as the tool launch.

Functionalities of LTI

LTI enables several key functionalities that enhance the learning experience:

Resource Linking: The ability to launch a tool’s resources from within the LMS without the user having to sign up or configure anything on the tool side.
Deep Linking: The ability to launch a tool’s configuration panel that will return a configured resource link to the platform based on what the user has set up. The next time a user accesses the link, it will be taken to the configured activity/resource instead of the configuration panel.
Assignment and Grading Services (AGS): The ability of posting grades generated by the tool back to the platform’s grade book.
Names and Role Provisioning Services (NRPS): The ability of the platform providing the tool with students list and user information.

The set of the functionalities above is what composes the LTI Advantage standard, meaning when a platform is LTI Advantage certified, it supports all the above mentioned functionalities.

Read also: Learning Resources Near You

LTI Messages and Services

The communication between the platform and the tool may happen through two different flows in the LTI standard: messages and services.

LTI Messages

Messages are a form of communication defined by LTI that is intermediated between the tool and the platform by the user’s browser. That way, messages allow not only the transmission of information but also UI flow control. Messages are what underly Launch Flows, Resource, and Deep linking, for example.

Messages employ an OpenID Connect authentication handshake to transmit all the relevant data to the tool inside an OpenID Token. The data transmitted is composed of the information regarding the identity of the user being sent to the tool, the context, i.e. what course (learning context, in LTI jargon) and resource the user is being launched from, and the message claims, which specifies the type of launch being performed.

The Launch Flow itself is a multi-step process that contains both LTI specific and OpenID Connect stages.

The flow starts with the platform sending a request to the tool’s initiation/login endpoint, signaling it wants to perform a launch. The tool checks the provided information and, if the issuer and client id are recognized, the tool crafts a CSRF token and initiates the OpenID Connect (OIDC) authentication flow.

Read also: Learning Civil Procedure

To initiate the OIDC authentication flow, the tool reaches out to the platform’s OIDC Authentication endpoint providing the client id of the tool being launched, the loginhint (so that the platform knows to which flow this request belongs to), the redirecturi (where the platform must post the OpenID Token) and the CSRF token.

The platform verifies the provided information, most notably whether the redirecturi is part of the redirecturis list provided for the platform when the integration was set up. If everything is correct, the platform responds by posting to the redirect_uri endpoint an Open ID token containing the information about the user, context, and the launch being performed.

The tool parses the Open ID token and checks whether the user has the right permissions to access the resources of the launch and a valid token, that is, its signature and whether or not it is expired. To verify the signature, the tool reaches out to the platform’s keyset retrieval URL to fetch the platform’s public key. If all the checks pass, the tool redirects the user to the resource page and the launch is completed.

LTI Services

Besides messages, the LTI standard offers another mode of communication called services. This form of communication is not attached to any UI flow and is usually carried out through a back channel (between the two systems). Meanwhile, services are REST-like communication carried out by requests made to LTI specified endpoints that are implemented both on the platform and tool.

Differently from messages, services use a REST-like HTTP-based communication. To secure the communication, authentication is required and the OAuth2 Client Credentials Flow using JWT Profile is used to retrieve the access token used to authenticate service requests.

Services communications are used for AGS and NRPS, in the next section, the service API will be detailed in the context of AGS.

Assignment and Grading Service (AGS)

An important aspect of LTI 1.3 is the ability of the tool to send grades to the platform. This transmission of grades works as an LTI service, therefore following the flow and authentication process described previously, where the platform provides an API for the manipulation of the grade book, allowing the tool to retrieve, create line items and publish scores.

Understanding the Grade Book

The grade book is the data structure that stores scores on the platform side. The grade book is a table composed of Line Items as columns and users as rows. A Line Item is usually associated with a resource/activity in the tool, therefore, the cell at the intersection of a user and a Line Item contains the result of that specific user at that specific activity.

The result contains a score and optionally a comment. The score represents the grade obtained by the user in that activity, it also exposes the current status of the activity (completed or in progress). It is also worth noting that the score is a normalized value, which means it ranges between 0 and 1.

Understanding the AGS API

The AGS API contains different endpoints for the manipulation of different elements of the grade book:

Line Items Endpoint
- POST - Create a new line item
- GET - Lists all line items (optionally filtered by LTI Link ID or Resource ID
Line Item Endpoint
- GET - Retrieve a line item
- PUT - update a line item
- DELETE - delete a line item
Scores Endpoint
- POST - Publish scores
Results Endpoint
- GET - Retrieve results from the grade book

For the scope of this article, we’ll detail the scores and results endpoints.

Scores endpoint

The score represents a grade and, more generally, the status of a user in regards to a given line item within the tool. The score service/endpoint is used by the tool to publish the latest tool scores to the platform. The Score service is write-only, GET operations are explicitly not supported.

Example of Score posting payload:

POST /{contextId}/lineitems/{lineItemId}/scores{ “userId”: “23426”, “scoreGiven”: 82, “scoreMaximum”: 100, “comment”: “This is exceptional work!”, “timestamp”: “2021-03-02T18:00:42.120Z”, “activityProgress”: “Completed”, “gradingProgress”: “FullyGraded”}

Results Endpoint

Results service/endpoint allows the tool to query the tool platform for the current results of its own line items. A result represents the current grade for a given line item and user in the platform’s grade book, including any change done directly to the grade within the tool platform. A result cannot be directly altered by the tool, and so only GET operations are supported.

The results endpoint admits two parameters for filtering the response content, the user_id and the limit parameter, which will filter results by the user they belong to and will limit the number of results returned in the response, respectively.

Response example:

GET /{contextId}/lineitems/{lineItemId}/results[ { “id”: “123543”, “userId”: “23426”, “resultScore”: 62, “resultMaximum”: 100, “comment”: “This is ok!”, “scoreOf”: “line_item_url” }]

Benefits of LTI

The adoption of LTI presents undeniable advantages for educators, LMS admins, and the eLearning community at large:

Seamless Integration: LTI simplifies the integration of external tools into an LMS, eliminating the headaches of custom integration.
Single Sign-On (SSO): With SSO, learners only need one set of credentials to access multiple tools within the LMS.
Data Synchronization: LTI automatically syncs data (think grades, progress, or test results) between the LMS and the tool.
Cost Savings: LTI prioritizes smooth integration, allowing new tools to fit right into the familiar LMS interface.
Flexibility: LTI provides the flexibility to update or add new tools without overhauling your LMS.
Increased Student Participation: Institutions implementing LTI-based integrations recorded an increase in student participation.
Reduced Workload: Institutions that adopted standardized LTI integration reported fewer manual steps in course setup and grading workflows.

Challenges and Solutions in LTI Integration

While LTI offers a standardized approach to integrating learning tools, there are challenges that can arise during implementation:

Interoperability Issues: Even with a standard, different LMS and tool vendors may have slightly varying interpretations or extensions, leading to compatibility problems.
- Solution: Utilize IMS Global’s LTI conformance test suites to ensure your LTI implementation adheres to the standard.
Limited Data Access: The base LTI standard might not provide access to all desired data points within the LMS.
- Solution: Explore LTI Advantage, an extension of LTI 1.3, that offers richer data exchange capabilities.
Complex Security Management: Maintaining secure communication and data exchange across multiple platforms requires careful consideration.
- Solution: Implement OAuth 2.0 with JWTs for secure user authentication.
Evolving Standards: The LTI standard is continuously evolving with new versions and features being introduced.
- Solution: Subscribe to updates and announcements from IMS Global regarding the LTI standard.

Best Practices for LTI Integration

To ensure successful LTI integration, consider the following best practices:

Centralized Management Platform: Utilize an API management tool to act as a central hub for all LTI integrations.
Monitoring: Monitoring of API calls and performance metrics for LTI integrations.
Standardized Configuration Management: Implement a configuration management system to automate LTI configuration deployment across environments.
Detailed Documentation: Maintain clear and up-to-date documentation for each LTI integration.
Version Control: Use version control systems like Git to track changes made to LTI configurations.
Secure Authentication Protocols: Implement OAuth 2.0 with JSON Web Tokens (JWTs) for secure user authentication.
Regular Security Audits: Conduct regular security audits of LTI integrations to identify and address potential vulnerabilities.
Data Encryption: Encrypt sensitive data at rest and in transit using industry-standard algorithms to protect user privacy.
Data Privacy Compliance: Ensure that all integrations comply with international data privacy laws.
Regular Updates and Testing: Keep all systems updated to the latest LTI versions and regularly test integrations.
Staying Informed: Keep up with the latest LTI standards and best practices published by IMS Global.

LTI 1.3 and LTI Advantage

LTI 1.3 is the modern version of the Learning Tools Interoperability standard. It defines how an LMS and a third-party learning tool authenticate users and exchange data securely. Earlier LTI versions focused mainly on launching external tools from an LMS. LTI 1.3 shifted the focus to security and standardized service communication.

LTI Advantage is not a separate standard. It is a set of additional services built on top of LTI 1.3. It includes services like:

Names and Roles Provisioning Services (NRPS): Enables automatic exchange of user information between tools and the LMS.
Assignment and Grade Services (AGS): Enables automatic exchange of assignment results between tools and the LMS gradebook.
Deep Linking: Allows instructors to locate available materials without logging into each tool separately.

Security Considerations

LTI 1.3 establishes a secure connection between systems. It separates identity verification from access control. OpenID Connect is used to verify the identity of the user initiating the launch. The LMS acts as the identity provider. OAuth 2.0 is used to authorize access to specific services, such as retrieving course rosters or submitting grades. All LTI 1.3 launches and service calls are signed using JSON Web Tokens. The receiving system validates the signature before processing the request. Tokens expire quickly and cannot be reused.

Troubleshooting Common Issues

Incorrect Role Mapping: LMS platforms use different role models. If roles are mapped incorrectly, tools may grant the wrong permissions.
- Solution: Review role claims from the LMS during test launches. Define explicit role handling rules in the tool.
Grades Failing to Appear: Grades often fail to appear due to incorrect assignment identifiers or missing service permissions.
- Solution: Validate Assignment and Grade Service scopes during setup. Test multiple submission attempts and partial grades.
Names and Roles Request Limits: Some LMS platforms limit the number of users returned in a single Names and Roles request.
- Solution: Support paginated responses. Re-sync enrollment data periodically.
Deep Linking Failures: Deep Linking failures often appear as broken links or incorrect launches for students.
- Solution: Store Deep Linking identifiers per course. Avoid hard-coded content references.

tags: #learning #tools #interoperability #explained