response_type: id_token (required, the tool must use a value of id_token)
redirect_uri:
https://lti-ri.imsglobal.org/lti/tools/1728/launches
response_mode: form_post (required, tools and platforms must support a value of form_post)
client_id: OauthClientId (required, client identifier valid at the Platform)
scope: openid (required, must contain the openid scope value)
state: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IkFvYUVtUEZTeV9sbUtoVDY2Y3R5MkEyWjVTb3RRdGNLVGI5dlZLeEJ6WUkiLCJ0eXAiOiJKV1QifQ.eyJ0b29sX2lkIjoxNzI4LCJzdGF0ZV9ub25jZSI6IjkyNGYyMjRhMGNlZjI5ZDQ0MmI3IiwicGFyYW1zIjp7ImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzMzMyIsImxvZ2luX2hpbnQiOiI1Mzk1MjUiLCJ0YXJnZXRfbGlua191cmkiOiJodHRwczovL2x0aS1yaS5pbXNnbG9iYWwub3JnL2x0aS90b29scy8xNzI4L2xhdW5jaGVzICIsImx0aV9tZXNzYWdlX2hpbnQiOiIzMjgyOSIsImNsaWVudF9pZCI6Ik9hdXRoQ2xpZW50SWQiLCJsdGlfZGVwbG95bWVudF9pZCI6IkRlcGxveW1lbnRJZCIsImNvbnRyb2xsZXIiOiJsdGkvbG9naW5faW5pdGlhdGlvbnMiLCJhY3Rpb24iOiJpbmRleCIsInRvb2xfaWQiOiIxNzI4In0sImlzcyI6IkdpYlRvb2wiLCJzdWIiOiJPYXV0aENsaWVudElkIiwiYXVkIjoiaHR0cHM6Ly9sdGktcmkuaW1zZ2xvYmFsLm9yZy9wbGF0Zm9ybXMvMTg1Ni9hY2Nlc3NfdG9rZW5zIiwiaWF0IjoxNzE2MDA0Mjk3LCJleHAiOjE3MTYwMDQ1OTcsImp0aSI6IjI3MDc4OTAzNDBmYTllMTZlMGNmIn0.jFW0iHo7G2N825vy8t0e3-wH2tze0hnzkIKIjrwBydYMSj2BS41zQGHnftMWcEh4d2gQk3w8gZJ7dhU42JmmXwRJxbOSuuZi_L00FctrxYAN_xMqrYBDQwNlcCgfqnreLByLMX1-t2mDpLYR35uOTOg-jGP30O43PJbpjgwZTN0Qet9x3K72awc83zzHDF0tXHIy1IgM0OC85vRd0k6jAo9If8cCHVBbYlST28zAN7XHb7_zapv56kLljZ4VaiGI89NLKc3qjuCZCLNRbAo3bdagZs_CScNtMyLTxUSmN-RJkhJwjd0aI66K0W-wnwmGNt1QbeUYWF_PUkHVDZ9frw (required, opaque value used to maintain state between the request and the callback)
login_hint: 539525 (required, tools and platforms must support a value of form_post)
lti_message_hint: 32829 (required, a platform opaque identifier identifying the user to login)
prompt: none (optional, The tool should use a value of none. In the future a re-launch flow may support additional values being used here)
nonce: 924f224a0cef29d442b7 (optional, string value used to associate a client session with an ID token, and to mitigate replay attacks)
Send GET Request