User Authentication at Tool level

[Kalyan]

Hi,

I was looking at integrating D2L instance with my tool.
I would like to know how to make the user mapping from the tokens sent across by D2L to my tool to the correct D2L user. Essentially, I am looking at mapping x_b (userID) and x_d (userSig) parameter values to that specific user at D2L side.
Are there any cookies or session variables that can be used to establish this map between D2L user and userID at my tool side?

Thanks

[Vinod]

I have the same question , I am trying to integrate the tool provider with tight integration with D2L using Valence.

Thanks in advance..

[Desire2Learn Staff: Sarah-Beth]

Have you checked out the two-part blog post on integrating with the LMS? Part 1 talks about LTI and Part 2 talks about Valence. With LTI, the user's name and some additional profile info is sent as part of the LTI Launch. With Valence, you can use the WhoAmI call to get profile info about a user. 

Does that help answer your questions? If not, can you provide a high-level example of the sort of workflow you're attempting to create, and the data you'd like to extract?

[Kalyan]

Thanks Sarah,

I have two questions on the cookies during the authentication process from D2L service to my tool. 

1. Will D2L Service send back all the cookies set by my tool during the response. I see that all the cookies that my tool set are sent by D2L service for every authentication request. Is there a specific pattern/naming convention to create these cookies e.g. myapp_sessionId. 

2. Will there be any authentication/authorization of the cookies at D2L Service end to ensure that these cookies are not tampered. Or, these authentication steps need to be performed at my tool side.

Thanks,
Kalyan

[Desire2Learn Staff: Sarah-Beth]

Hi Kalyan

My understanding is that the client's browser moderates all cookie interactions. So the D2L platform doesn't inspect or manage any cookies set by a 3^rd party tool. 

It sounds like you're interested in how authentication works between a 3rd party App and D2L. Authentication thru Valence uses tokens in the query string, rather than cookies. So your app needs to send the appropriate tokens, and then D2L will send back appropriate tokens. For example, your app sends an x_a and x_c value to identify itself as an App, and an x_target value when it contacts the LMS to request user tokens. Once the user logs in, D2L needs to send back all of those original values (using the x_target to identify where to send the response) and also sends back the user tokens as x_b and x_d values.  I'd encourage you to check out the Authentication topic to see this process mapped out in detail.

Does this help answer your questions? 

~S-BB

[Kalyan]

Thanks Sarah. That answers my question.

Thanks