Problem with third-party integration - LTI Advantage and Oauth 2.0 authentication
Greetings!
We have a third party tool trying to integrate the Brightspace API through Oauth 2.0. Our goal is for them to obtain an access token so they can use grading services (LTI 1.3).
In this initial stage we are following the directions provided here: https://community.d2l.com/brightspace/kb/articles/1100-using-postman-with-the-brightspace-api
We made sure all properties are correct (client id, secret, urls) but every time we initiate the oauth flow, we get an error message:
{"error":"unauthorized_client","error_description":"client is not authorized to initiate user authorization (i.e use the authorization endpoint)","rfc6749_reference":"4.1.2.1, 4.2.2.1"}
Our third party tried different scopes (including the scope provided by Brightspace when registering the tool as an oauth resource) and no success.
Is there anything else we need to activate in order for our third party tool to authenticate successfully? Or is our third party tool missing some key piece?
Best Answer
-
Hello! Make sure the client redirect URI matches exactly (including trail slashes) in the Brightspace oauth configuration section. In addition, the oauth client id might not match the openId client id, so be careful to check they match too!