Updating settings URLs

Rarely, an LMS will change their settings URLs. If this happens and you need to update those URLs in your database, there are tools to do it.

General

Most LMS URLs are stored in the 'settings' column of the 'lti2_consumer' table. You can update those from an old value to a new value with the 'lti:update-consumer-setting' command:

php artisan lti:update-consumer-setting setting_key_here https://old.url.example https://new.url.example

Specific

Canvas 'sso' domain introduced, summer 2023

Cloud-hosted instances of Canvas introduced a new 'sso' subdomain (https://community.canvaslms.com/t5/The-Product-Blog/Minor-LTI-1-3-Changes-New-OIDC-Auth-Endpoint-Support-for/ba-p/551677). If you have tools that have been set up before then, you can update them:

php artisan lti:update-consumer-setting _authentication_request_url https://canvas.instructure.com/api/lti/authorize_redirect https://sso.canvaslms.com/api/lti/authorize_redirect

php artisan lti:update-consumer-setting _oauth2_access_token_url https://canvas.instructure.com/login/oauth2/token https://sso.canvaslms.com/login/oauth2/token

php artisan lti:update-consumer-setting _jku https://canvas.instructure.com/api/lti/security/jwks https://sso.canvaslms.com/api/lti/security/jwks

And again for the beta domains, if you use them

php artisan lti:update-consumer-setting _authentication_request_url https://canvas.beta.instructure.com/api/lti/authorize_redirect https://sso.beta.canvaslms.com/api/lti/authorize_redirect

php artisan lti:update-consumer-setting _oauth2_access_token_url https://canvas.beta.instructure.com/login/oauth2/token https://sso.beta.canvaslms.com/login/oauth2/token

php artisan lti:update-consumer-setting _jku https://canvas.beta.instructure.com/api/lti/security/jwks https://sso.beta.canvaslms.com/api/lti/security/jwks

And again for the test domains, if you use them

php artisan lti:update-consumer-setting _authentication_request_url https://canvas.test.instructure.com/api/lti/authorize_redirect https://sso.test.canvaslms.com/api/lti/authorize_redirect

php artisan lti:update-consumer-setting _oauth2_access_token_url https://canvas.test.instructure.com/login/oauth2/token https://sso.test.canvaslms.com/login/oauth2/token

php artisan lti:update-consumer-setting _jku https://canvas.test.instructure.com/api/lti/security/jwks https://sso.test.canvaslms.com/api/lti/security/jwks

After making these changes, double-check the 'settings' columns in the 'lti_consumer' table. The '_authentication_request_url', '_oauth2_access_token_url', and '_jku' settings should no longer contain URLs in the 'instructure.com' domain.