response_type: id_token (required, the tool must use a value of id_token)
redirect_uri:
https://lti-ri.imsglobal.org/lti/tools/1728/launches
response_mode: form_post (required, tools and platforms must support a value of form_post)
client_id: OauthClientId (required, client identifier valid at the Platform)
scope: openid (required, must contain the openid scope value)
state: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IkFvYUVtUEZTeV9sbUtoVDY2Y3R5MkEyWjVTb3RRdGNLVGI5dlZLeEJ6WUkiLCJ0eXAiOiJKV1QifQ.eyJ0b29sX2lkIjoxNzI4LCJzdGF0ZV9ub25jZSI6IjUwZTM1NWE0MDUyNGQ0ODYyMDMxIiwicGFyYW1zIjp7ImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzMzMyIsImxvZ2luX2hpbnQiOiI1MTc5NzUiLCJ0YXJnZXRfbGlua191cmkiOiJodHRwczovL2x0aS1yaS5pbXNnbG9iYWwub3JnL2x0aS90b29scy8xNzI4L2xhdW5jaGVzICIsImx0aV9tZXNzYWdlX2hpbnQiOiIzMjgyOSIsImNsaWVudF9pZCI6Ik9hdXRoQ2xpZW50SWQiLCJsdGlfZGVwbG95bWVudF9pZCI6IkRlcGxveW1lbnRJZCIsImNvbnRyb2xsZXIiOiJsdGkvbG9naW5faW5pdGlhdGlvbnMiLCJhY3Rpb24iOiJpbmRleCIsInRvb2xfaWQiOiIxNzI4In0sImlzcyI6IkdpYlRvb2wiLCJzdWIiOiJPYXV0aENsaWVudElkIiwiYXVkIjoiaHR0cHM6Ly9sdGktcmkuaW1zZ2xvYmFsLm9yZy9wbGF0Zm9ybXMvMTg1Ni9hY2Nlc3NfdG9rZW5zIiwiaWF0IjoxNzE2MDE3ODA1LCJleHAiOjE3MTYwMTgxMDUsImp0aSI6ImFmNWQzZmRlM2NiZTc0MGUyZGIzIn0.nRvfDDujqDgfUAbvh1Eiu6e7KwvpdFulWBEgolHkhX6exr4e5EifmrzTeXFLhbMOVIivhYZdr1UBotwiFLJeM6FvKNGzGBCaZUai8W1X28KtExIICAxAqMN1i0yRj3Mu63ll5ewWzNB-zRuLOH0T781Pdgky6OB6QSerxN1uwakAv1_XgZWhLO0VANVSWYK_6Rhk5EknGReLWvBQO-9W4NaV2LaVdEn8wtY_gkxIlrW53ipzZnswl_KUHDKUotqdBnrWkaui8jiTvQuhpeSwzn5V_GoQbZGNHUMBM-PSyKyC7kvWqry_pFapbp2G5EiKM1sfvMrsSsuACEfgR9D0Mw (required, opaque value used to maintain state between the request and the callback)
login_hint: 517975 (required, tools and platforms must support a value of form_post)
lti_message_hint: 32829 (required, a platform opaque identifier identifying the user to login)
prompt: none (optional, The tool should use a value of none. In the future a re-launch flow may support additional values being used here)
nonce: 50e355a40524d4862031 (optional, string value used to associate a client session with an ID token, and to mitigate replay attacks)
Send GET Request