You can integrate LTI 1.3-compliant tools with your on-premise eFront instance starting from eFront version 7.4.0. This article outlines the steps to enable and configure LTI 1.3, from RSA key generation to adding LTI content units in courses.
Steps to enable LTI 1.3
-
Use SSH to access your eFront server and run:
bash openssl genrsa -out /path/to/efront/lti.pem 2048 chmod 400 /path/to/efront/lti.pem chown www-data:www-data /path/to/efront/lti.pem ThenThen
bash PRIVATE_KEY=$(awk 'BEGIN{ORS="\\n"} {print}' /path/to/efront/lti.pem) PRIVATE_KEY_ID=$(openssl rsa -in /path/to/efront/lti.pem -pubout -outform DER \ | openssl dgst -sha256 -binary \ | base64 \ | tr -d '=' | tr '/+' '_-' | cut -c 1-43) -
Add the following to your .env file:
env LTI_JWKS_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIE...(key content)...\n-----END RSA PRIVATE KEY-----" LTI_JWKS_PRIVATE_KEY_ID="your-generated-key-id"Note: the key must be formatted as a single-line string using <code>\n</code> for newlines -
Restart the web server
bash # Apache sudo systemctl restart apache2 # Or Nginx + PHP-FPM sudo systemctl restart php-fpm sudo systemctl restart nginx - Visit
https://your-efront-domain.com/lti/jwksto verify the configuration. You should see a JSON response.
After performing the above steps, to register your LTI tool, follow the steps outlined in this guide on how to integrate your LTI Tool.