You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem or unsupported use case? Please describe.
We have more and more LTI passport to open and manage which is becoming complicated manually.
Describe the solution you'd like
When creating a passport we want to be able to transmit it SECURELY to our contact in 1-click:
Add a contact email on each LTI passport instance to know who to contact
Add a button or action on the admin of LTI passports to send the credential to the contact:
click on the "send credentials" action
record a token in redis e.g "a4f8......db88" expiring after a few hours (configurable?)
accessing the url https://marsha.education/passpport/a4f8......db88 within the expiration period should display the LTI secret and delete the token from Redis so that the link can never be accessed a second time
send an email to the contact containing in the body of the email :
the oauth consumer key
the temporary link to the secret
some explanations and a link to the detailed documentation
Describe alternatives you've considered
Alternatively, let the administrator of an organization manage his.er consumer sites and passports directly from the standalone site.
We should think of encrypting the content of the secret field of the LTI passport in database.
Discovery, Documentation, Adoption, Migration Strategy
The support team should have access to the passport object in admin but not see the value of the secret field. They should have access to the button to send the secret to the contact email.
The text was updated successfully, but these errors were encountered:
Feature Request
Is your feature request related to a problem or unsupported use case? Please describe.
We have more and more LTI passport to open and manage which is becoming complicated manually.
Describe the solution you'd like
When creating a passport we want to be able to transmit it SECURELY to our contact in 1-click:
Describe alternatives you've considered
Alternatively, let the administrator of an organization manage his.er consumer sites and passports directly from the standalone site.
We should think of encrypting the content of the secret field of the LTI passport in database.
Discovery, Documentation, Adoption, Migration Strategy
The support team should have access to the passport object in admin but not see the value of the secret field. They should have access to the button to send the secret to the contact email.
The text was updated successfully, but these errors were encountered: