Authentication
Functional Overview
Authentication for the Turnitin IMS LIS / LTI API can use WSSE UsernameToken or OAuth authentication types.
In order for an APi call to be successfully authenticated, Account ID, Account Shared Key, and Integration ID are required.
OAuth Authentication
You may authenticate your requests using OAuth message signing, only the message signing portion of the OAuth specification is used.
The following specification should be used: http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
When using LIS calls via SOAP a body hash must be calculated as described in the specification above.
When carrying out Basic LTI calls using 'application/x-www-form-urlencoded' requests then a body hash should not be calculated.
In the case of form based LTI requests the credentials are included in form fields as described in theIMS Basic LTI 1.0 specification and a body hash should not be included as indicated in the OAuth Body Hash Extension specification.
Content-type: text/xml;charset="utf-8"
Accept: text/xml
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "http://www.imsglobal.org/soap/lis/oms1p0/readResult"
Content-length: 582
Source: 12
Authorization: OAuth oauth_nonce="8ebed48535a40d7d09170daf2ce75388f6f95047",
oauth_timestamp="1338214562",
oauth_consumer_key="49201",
oauth_signature_method="HMAC-SHA1",
oauth_version="1.0",
oauth_body_hash="%2FSm410rn0L%2Ff6gyPqBSdkeaDIJI%3D",
oauth_signature="U8RqppmU15Z7F6Y5FFNecuslW5A%3D"
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://www.imsglobal.org/services/lis/oms1p0/wsdl11/sync/imsoms_v1p0">
<SOAP-ENV:Header>
<ns1:imsx_syncRequestHeaderInfo>
<ns1:imsx_version>V1.0</ns1:imsx_version>
<ns1:imsx_messageIdentifier>30afd77d-8e91-4020-a0c8-c898c6005543</ns1:imsx_messageIdentifier>
</ns1:imsx_syncRequestHeaderInfo>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<ns1:readResultRequest>
<ns1:sourcedId>49313814</ns1:sourcedId>
</ns1:readResultRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
WSSE Authentication
In order to authenticate using the WSSE, the following WSSE UsernameToken specification should be used.
WSSE can only be used for LIS SOAP based calls, for LTI calls OAuth must be used.
Content-type: text/xml;charset="utf-8"
Accept: text/xml
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "http://www.imsglobal.org/soap/lis/oms1p0/readResult"
Content-length: 1196
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://www.imsglobal.org/services/lis/oms1p0/wsdl11/sync/imsoms_v1p0">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>49201</wsse:Username>
<wsse:Password Type="#PasswordDigest">BhUimPf5vUmxYJXV2/vED8DgoXE=</wsse:Password>
<wsse:Nonce EncodingType="#Base64Binary">ZTRlOGUxZmFkN2Y3ODc0Yw==</wsse:Nonce>
<wsu:Created>2012-05-28T14:16:02Z</wsu:Created>
<Account>49201</Account>
<Source>12</Source>
</wsse:UsernameToken>
</wsse:Security>
<ns1:imsx_syncRequestHeaderInfo>
<ns1:imsx_version>V1.0</ns1:imsx_version>
<ns1:imsx_messageIdentifier>429e5dd1-d64f-4a6e-b799-a10e9328c62f</ns1:imsx_messageIdentifier>
</ns1:imsx_syncRequestHeaderInfo>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<ns1:readResultRequest>
<ns1:sourcedId>49313814</ns1:sourcedId>
</ns1:readResultRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>