Sharebar?

LTI Reference Impl launch clarification

LTI Reference Impl launch clarification

I'm afraid I may be missing something and am seeking some clarification regarding deep linking and/or resource link launches from the reference impl. My initial understanding from the LTI 1.3 Core spec and the 1EdTech Security Framework was that messages from the platform must follow the OIDC flow. I assumed this was the case with EVERY request from the platform and, in my experience, appears to be the case with the LMSes I've tested against. However, when working with the reference impl it supports launches directly to the tool bypassing OIDC login. My tool implementation didn't support the non-OIDC launch as I originally required a state parameter on launch.

So to clarify, is it the case that the OIDC login flow isn't required for every request from the platform? If, on the other hand, OIDC flow IS required...what is the purpose of this feature in the reference impl?

My apologies if this has already been asked before, and thanks in advance for any insight provided!

It's required, the RI left

It's required, the RI left that button in there as a courtesy to people that may want to work on the JWT stuff before doing dev work on the OIDC portion.