Recommended LTI Adoption Roadmap and FAQ
Learning Tools Interoperability® (LTI®) has emerged as the essential element for teaching and learning interoperability in educational technology architectures. Through the experience of hundreds of implementations, key principles have emerged for the evolution of the LTI standard: maintain a compact core, leverage well-defined extensions for services and messages, adopt an ecosystem-wide security model, and provide a smooth migration path for upgrade adoption.
Following these principles, IMS Global Learning Consortium is revising its recommended LTI adoption roadmap, updating its security model, and transitioning LTI 1.2 and LTI 2.0 to legacy status, effective January 2018.
What is Changing and Why?
While core LTI (launch with services) has been widely adopted and certified by hundreds of learning platforms and tools, the adoption of LTI 1.2 and LTI 2.0 in the market has been slow due to its relatively high effort to implement with benefits that help a small population of users, systems administrators.
Based on input from its members—leaders in the edtech market—IMS Global has established an updated migration path built on the foundation of LTI 1.1 with low barriers to upgrading to future versions. IMS Global will continue to evolve LTI and is planning a LTI 1.3 release in the near term as well as a future LTI 2.x. See figure 1 and the FAQ below for more information.
In addition, IMS is planning the following changes to the future LTI evolution:
- Security will not be embedded in each specification; the security requirement will be a separately published IMS-wide specification
- LTI core and optional LTI extensions, which add specific features to match market and tool provider needs, will be distinguished as the two primary components of the LTI standard
- Certain capabilities such as auto-registration will now be offered as LTI extensions, not bundled into LTI core
- An ecosystem-wide strategy will emphasize LTI’s alignment and integration with other IMS standards
LTI Roadmap Frequently Asked Questions
Is the LTI 2.x series dead?
Not at all. IMS will continue to evolve LTI and current plans include an LTI 2.x release, which will feature an IMS-wide security and identity framework based on OAuth2 along with an auto-registration optional extension that leverages the new security framework. Components of the new framework will first be implemented in LTI 1.3 and expanded for 2.x. A key requirement for LTI 2.x and future IMS specifications is the independent security framework which will be periodically updated as industry security best practices evolve.
Do I need LTI 2.0 to get all of the benefits of LTI?
What happens if I have already implemented LTI 1.2 or LTI 2.0?
IMS supports current implementations of all LTI versions through its certification program. Providers with existing LTI 1.2 or LTI 2.0 implementations will not be required to change. LTI Advantage is compatible with LTI 1.2 and LTI 2.0.
How do I migrate from LTI 2.0 to the latest LTI core?
Isn’t the security model for LTI 2.0 better?
No, industry best practices have evolved since the original publication of LTI 2.0 and with the adoption of OAuth 2.0 and JSON Web Token for message signing, IMS believes LTI 1.3 security represents current best practice. In any event, beginning in 2019 all recertifications of an implementation using OAuth 1.0a must be re-certified as SHA256-compliant at a minimum.