LTI 1.3 Support

LTI integration is broken currently, sorry.

Code FREAK supports integration with Learn Management Systems (LMS) like Moodle or Canvas via the LTI 1.3 standard. Before you begin make sure your LMS supports the LTI 1.3 standard. LTI 1.0 and 2.0 are NOT supported! You need the following information from your LMS:

  • LTI authentication URL

  • LTI/OAuth 2.0 token URL

  • URL to receive the JWK-set of the LMS

  • A client ID (should be generated by your LMS when registering an external tool)

In addition you need to create an RSA keypair and put them into a Java key store. This is required to cryptographically sign the messages send between Code FREAK and the LMS.


Generate the RSA key pair and Java key store

The following instructions will show you how to generate an RSA key pair with the Java keytool and how to extract the public key (often needed for you LMS) with openssl. You will need to have openssl and the JDK’s keytool installed. Please consult a search engine of your choice how to do this for your platform.

Generate the keystore:

This will create a file called cf-keys.pkcs12 with a public/private key pair.

$ keytool -genkey \
  -keystore cf-keys.p12 \
  -storetype pkcs12 \
  -storepass "supersecurepassword123" \
  -keyalg RSA \
  -alias codefreak \
  -validity 10950

Export public key in PEM format:

This will extract the public key (without certificate information) from the pkcs12 file you just created. You may need this information when registering Code FREAK as external tool in your CMS.

$ openssl pkcs12 -in cf-keys.p12 -nokeys | openssl x509 -pubkey -noout
MIIBIjANBgkqhkiG9w0BAQE ...

Register Code FREAK as LTI Tool

Please check the manual of your LMS how to register external LTI 1.3 Tools. If required please use the following information.

Please replace [codefreak-url] with the public accessible URL of your Code FREAK installation including http(s)://…​

Attribute Value

Tool Name


Tool URL


LTI Version


Public key

The exported public key from the previous step

Login URL


Redirect URLs


Deep Linking (Content Selection) URL


Icon URL


Please make sure your LMS passes the user’s name and email address to Code FREAK! Some LMS have additional privacy settings for these options.

The LMS should generate a Client ID for you. Please write it down for the next step.

Configuring Code FREAK for LTI

Please put the key store file in a location where the Code FREAK process can read it. If you are running Code FREAK with Docker you may have to mount the generated key store as volume inside the container.

Adjust the configuration with all the information you received from your LMS. The following is an example that should work with Moodle 3.7 and later:

    enabled: true
    key-store: file:/path/to/your/keystore/cf-keys.p12
    key-store-type: PKCS12
    # for pkcs12 key stores the store password and entry pin are always the same
    key-store-password: supersecurepassword123
      - name: Some human-readable name
        issuer: ""
        client-id: client-id-from-your-lms
        auth-url: ""
        token-url: ""
        jwk-url: ""
        key-store-entry-name: codefreak
        key-store-entry-pin: supersecurepassword123

Example LMS Configurations

Below are some example configurations for individual learn management systems.


LTI 1.3 is supported in Moodle version 3.7 and later!

There are two ways to configure an LTI tool in Moodle: Either globally for all courses or locally for a single course. The global configuration must be done by a Moodle admin. Local tools can be added by the course owner.

The following example was tested in Moodle 3.8.

Global configuration

You will find the wizard to configure LTI tools in Site Administration → Plugins → Activity Modules → External tool → Manage tools. Use "Configure a tool manually" and enter the following data:

Setting Value

Tool name


Tool URL


Tool description

(optional, will be shown in activity creation wizard)

LTI version

LTI 1.3

Public Key

public key obtained in step "export public key"

Initiate login URL


Redirection URI(s)


Custom parameters

(leave empty!)

Tool configuration usage

Show in activity chooser and as a preconfigured tool

Default launch container

New window

Content Selection URL


Icon URL


Secure Icon URL


IMS LTI Assignment and Grade Services

Do not use this service

IMS LTI Names and Role Provisioning

Use this service

Tool settings

Do not use this service

Share launcher‘s name with tool


Share launcher‘s email with tool


Accept grades from the tool


Save the settings and click the "view configuration details" button in the tools list view of Moodle. This will show you all required configuration settings for Code FREAK that you must insert in the application.yml.

    # ... see above
      - name: Moodle
        issuer: "[moodle-url]"
        client-id: "[Client ID from the 'view configuration details' wizard]"
        auth-url: "[moodle-url]/mod/lti/auth.php"
        token-url: "[moodle-url]/mod/lti/token.php"
        jwk-url: "[moodle-url]/mod/lti/certs.php"
         # ... see above

Local Course Configuration

If allowed by the administrator a course owner can add Code FREAK locally to the course. This does not require Code FREAK to be configured globally by the Moodle administrator. Go to your course, enter editing mode in Moodle, create a new activity and choose "external tool" as activity. Click the "+" button next to the selection box of "Preconfigured tool". This will open the same dialog as in the global configuration.

Add a Code FREAK activity

After you configured Code FREAK globally or locally you can always add Code FREAK by using the "external tool" activity. If the Moodle administrator configured the LTI tool globally (and enabled the activity option) you will find Code FREAK as standalone activity in the creation wizard.

After choosing the "external tool" or "Code FREAK" activity you will see a "select content" button. Clicking this button will open a pop-up with all your assignments from Code FREAK. Select one of the assignments from the list. This will auto-fill all the required fields in Moodle. Optionally, you can change the activity name. Make sure that "Share launcher’s name" and "Share launcher’s email" is enabled under "Privacy". All other fields should be left unchanged.

Finish the activity creation by clicking "Save and return to course". You should now have a new activity in your course that will open the assignment in Code FREAK. Bonus: If students use this activity link they will be logged in automatically in Code FREAK.