Keytool maintenance outage at 5pm Eastern

Keytool will be unavailable tonight at 5pm Eastern for approximately one hour. Please avoid trying to access Keytool to register applications during that time. We expect it to be fully online once the maintenance is complete.


D2L Hack 2014: Open innovation and concrete results

Earlier this year, D2L ran its second annual company hackathon – an innovation event aimed at getting the creative juices flowing for employees. I participated in the event, and then followed up with two of the organizers – Sean Yo, Technical Product Manager and Carmen Zannier, Development Manager – to get their feedback on what inspired the event, what it took to make it happen, and their advice to help others host a similar event in their own organizations.

Why are we talking about this event now? As you’ll see below, an important improvement to the Valence developer experience came about as a direct result of D2L Hack 2014. Read on for more info and to hopefully be inspired to run or participate in your own hackathon.

The Mighty Hack - Mar.31 to Apr.4 2014

How would you describe the concept of D2L Hack 2014? What inspired you to run this event? What were the goals of the event?

Sean: For me the D2L Hack 2014 (a.k.a The Mighty Hack) is all about helping the people who build software together at D2L have fun and be awesome. We’ve been working hard at living Agile values in how we build our software; one of the keys to that is to self-organize our work. While we’re making progress, we have a lot of legacy code and organizational history. The D2L Hack is a time to take a week off from our normal constraints and live the dream – build what you want with who you want.

I’m really inspired by Mats of Ruby fame who describes his purpose in creating the Ruby programming language as “help every programmer in the world to be productive, and to enjoy programming, and to be happy. That is the primary purpose of Ruby language.” For Mats, systems need to emphasize human, rather than computer, needs.  D2L Hack 2014 is all about people and giving them the space and time to be joyful and productive. Our goal isn’t to ship software or file patents – if those things can happen that’s great. Our goal is to connect with the thrill of working with a new team, exploring new ideas and hacking as hard and as long as you want because you’re so excited about the work.

What were some of the memorable moments from the event? What were the highs and lows of running and participating in this style of innovation event?

Sean: There are bursts of activity around pitches and groups getting together and setting up their work spaces and war rooms and then it’s very quiet. Heads down – cranking out code. Walking around the office and seeing clusters of people huddled around new workspaces – people from all over the building cross-pollinating and being awesome together was amazing. Definitely one of my favorite memories. I also did some coding – I did a small solo project. I really like doing the things I advocate – it was fun to get my hands dirty in some code. As someone who doesn’t code for a living anymore, having some time – however brief – to sit and code and benefit from the amazing generosity of the engineers at D2L who gave me more than a little help was inspiring.

This was the second time we’ve run this event and the first time it was a bit like “Hey! Let’s do a Hackathon…SWEET!”. It was a ton of work and was crazy awesome. Since we had quite a bit more time to think about the event this time around, we ended up being quite ambitious with our planning. Above and beyond what we did the first time, we had catering and t-shirts, used a new version control system, set up online documentation and discussion to facilitate the event, tracked our projects in our Work Management system, documented time and features, doubled our number of awards, added prizes for awards, invited colleagues from across the organization to judge our awards,  and had people participate in our remote offices across 6 time zones. We had at least one serious crisis a day that left us in sheer panic. But we pulled together, figured it out and moved forward.

What were the prize categories for the event?

Carmen: We had 20 different awards, and 10 of them were directed to projects that supported our Services division.  They each came with a super cool poster that teams could pin up at their desks, as well as a cash prize for a hackathon team lunch.

Here is an sampling of some of the prize categories:

  • People’s Choice: Voted by the people, for the people, by the people for…
  • Most Useful: This project provides exceptional value to the customer and/or D2L.
  • The Bleeding Edge: Technical achievement- forward thinking way beyond reality- the future is now.
  • Hitting The Moon: A.K.A we failed in our scope but look what awesome things we learned!
  • Most Likely to Ship: This thing is so dang good, it’s ready to go today.
  • Support Superstar: Customers lives are changed for the better – a shining star achievement.
  • Bug Buster: Most valuable contribution to the extermination of Services backlog infestation.
  • Less is More: It’s always harder to take away. Congratulations on making a complicated thing simple.
Awards posters for D2L Hack 2014

A few of the posters that were given out to winning teams.

How did the Valence development platform factor into this event?

Sarah-Beth: At least 30% of the projects that came out of the D2L Hack touched Valence in some way. Some consumed Valence Learning Framework APIs to build end-user apps, others experimented with building new APIs or improving upon infrastructure underpinning the development platform.

One such project was called Integrate in an Instant. (Full disclosure: This was the team that I participated on.) To give you some context, as Valence-savvy developers are well aware, the Valence Learning Framework APIs use an ID\Key Authentication mechanism. Every app developed using Valence – whether by a client, Partner, or D2L developer – must be registered in order to generate a unique App ID\Key pair. The process for acquiring those keys has left something to be desired. A team formed around the goal of eliminating the major pain points – long delays in approvals, rejected requests due to human error, and wait times for synchronization of approved apps.

The result of 5 days of research, coding and testing was a prototype of an improved app registration mechanism that allows developers or administrators to register apps directly in a target Learning Environment. The benefits – saving manual effort for approvals, improving productivity for clients & Partners, and reducing the chance of human error – resonated within the company. In fact, the project won two awards –  Less is More and Most Likely to Ship. To make good on the latter award, the project was added to the backlog for a development team, and the prototype was re-engineered into production-quality code that recently shipped to customers. This is just one example of how a D2L Hack project resulted in a direct impact to D2L Clients and staff.

What advice would you give to anyone considering a similar event on their campus or within their organization?

Sean: The most important thing is to be clear on why you’re doing this. It won’t work if it’s a bug blitz in disguise or if it’s constrained to a specific and narrow problem. These events are about self-organized work, it’s about re-energizing development teams by letting them imagine it, pitch it, build it and then demo it. Having a theme is fine – in fact it’s useful. Just don’t lose sight of the fact that this is an investment in talent and culture – it isn’t a way to produce shippable code. In fact, if awesome ideas come out of a hackathon, make sure it’s re-engineered from scratch. Commit to Hackathon code being for the Hackathon only – besides, the rework will be simpler, more elegant and just better.

This event is crazy awesome – and that means it’s a crazy amount of work. To be fair – we did run ours for 5 days, which is…well…crazy. Regardless of the length of the event, a great hackathon takes preparation and planning. Here are a couple of useful resources to look at to get a sense of how to run a hackathon of your own:

Oh – and don’t run out of snacks. Srsly. This is what we got for the D2L Hack 2014.

Wheeled cart stacked with snack food.


Freelance Opportunity: Pitch in on a project for a fellow Community Member

A D2L client and Valence Community Member has a project in mind, but her team doesn’t have the bandwidth to tackle the project right now. Instead, she’s putting the call out to the wider Community to find a developer interested in a small, freelance opportunity.

From Storie Walsh:

We are looking to include a widget on our course homepages that provides profile information about the instructor.  Preliminary research reveals that this project should be possible using a Widget Remote Plugin, LTI and the Valence Learning Framework APIs. We’re looking for a developer who can gather detailed requirements, design and build using the available technologies, and provide us with a working solution to deploy in our environment. For more detail or to express your interest, please contact me via email.

Note: This post is being made on behalf of the requester and in the interest of facilitating member-to-member collaboration. D2L is in no way endorsing this opportunity or endorsing any respondents to this request.

What do you think?

Are you interested in seeing more of these sorts of opportunities shared in the Valence Developer Community? Share your opinions in the ValenceUsers forum.

Do you have a similar request that you’d like to share? Contact us via the Valence email account to share the details and we’ll look into sharing your opportunity.


New App Registration Process – Easy and Instant

Note: The functionality described in this post is available in 10.3 Service Pack 13 and the 10.4.3 release for Continuous Delivery clients. Contact your Account Manager or Technical Account Manager to schedule the appropriate update to your environment to gain access to this new functionality.

Introducing app registration via Manage Extensibility

We’re pleased to announce the latest improvements to the app registration process, which resolves a time-consuming bottleneck that has been on the minds of Development Community Members and D2L Staff.

The Manage Extensibility admin tool in the Learning Environment gives LMS Admins a view of the apps that are currently registered against the environment. The list includes Universal apps released by D2L or our Partners, and Limited apps registered by the institution or its integration providers. The Manage Extensibility tool makes it possible to selectively disable apps so that they can’t connect to your environment. With this update, the Manage Extensibility tool provides the ability to register new apps.

Screenshot of Manage Extensibility interface with new Register An App button

To register a new app, click the Register an App button to launch the Register an Application form. This form is a simplified version of the Register New Application form in Keytool. One notable exception is that you no longer have to specify your environment’s LMSID because this value is inherited based on the environment you’re logged in to.

Complete the required fields – including specifying the new Trusted URL value – and then click Register Application.

Screenshot of Register an Application form with application data.

The LE contacts the Keytool service, which registers the app and generates the App ID\Key pair. Once that process is complete, the LE presents a summary of the request and the generated App ID\Key values. Note that the Key value is obfuscated – this is to ensure that it is only shared on a need-to-know basis to protect the secrecy and security of this important value. Click Back to see the list of registered apps, including the one you just created.

Screenshot of details association with a registered app.

No approval process? No multi-day latency? No kidding?

Under the old app registration process, LMS Admins provide approval for app registration requests via an email-based approval process – even if they request the apps for themselves! The new app registration process puts app registration directly into the hands of LMS Admins, and auto-approves requests due to the trusted nature of the LMS Admin role. Now, Admins can build their own processes for taking in requests from institution staff and integration partners and instantly issue keys to them via a secure channel like an FTP site or encrypted email.

Note: The old app registration process will continue as normal until all clients transition to the new process by upgrading to the appropriate version of the LE. See the App Registration FAQs and Best Practices for more details.

Updating values on registered apps

The new app registration process also allows Admins to update metadata for Limited apps that are registered to their environment. This edit feature is especially handy if your Trusted URL changes.

Note: If you edit an app that was registered prior to August 28th, 2014 when the Trusted URL value was introduced, you’ll have the option to enter a valid Trusted URL.

From the Manage Extensibility screen, click the app name to reveal the complete app details and then click Edit. Update the values in any available field.

Note: Universal apps can only be updated by the requester via the Keytool.

Screenshot showing Edit Application Record form.

Deleting registered apps

Are you ready to retire an app? Did an App ID\Key pair get leaked? You can delete any Limited apps that are registered to your environment.

Caution: Once you confirm this action, it cannot be undone. If in doubt, Disable an app until you can confirm that it should be deleted.

What do you think?

Join the discussion in the ValenceUsers forum to share your impressions of the new app registration process.


Keytool Update – Now with Editable Trusted URLs

Last week, we introduced a new Keytool feature that is part of the phased roll-out of the Whitelisting feature of the Valence Authentication model.

So far, users have been able to navigate the new field and have entered Trusted URLs for app registration requests. But to make things even easier, we’ve made the Trusted URL field editable within Keytool. (Note: The original post has been updated to reflect this change.)

What does this change mean for me?

Now, when you register your app, you can put your expected Trusted URL in place or simply use a placeholder value if you’re unsure of the final endpoint for authentication of your app. So if this value changes, or you don’t know what it will be at the time you register your app, you can log back into Keytool to edit this value from the View Registered Apps screen.

Screenshot of Edit Trusted URL screen.

 

As always, you can let us know what you think of this feature change in the ValenceUsers forum.


Keytool Update: Whitelisting is here – Find out what it means to you

Authentication is one of the first tasks a developer needs to understand when using the Valence development platform. The workflow looks something like this:

  1. Register an app with Keytool to receive an active App ID\Key pair.
  2. Make the App ID and Key values available to your app, likely via one of the SDKs offered to streamline this process.
  3. Use that SDK to request User ID\Key pair from the LMS. The LMS sends the User ID and Signature back to the app via the x_a and x_b parameters, and uses the x_target parameter as the destination address.
  4. Use the user context to sign API calls made against the target LMS by your app.

Whitelisting adds an extra layer of security to the process:

  1. Register an app with Keytool – specifying your Trusted URL, which will be whitelisted to receive the User ID\Key pair on authentication - to receive an active App ID\Key pair.
  2. Make the App ID and Key values available to your app, likely via one of the SDKs offered to streamline this process.
  3. Use that SDK to request User ID\Key pair from the LMS. The LMS sends the User ID and Signature back to the app via the x_a and x_b parameters, and uses the x_target parameter as the destination address. Before sending back those tokens, the LMS will verify that the x_target value matches the Trusted URL specified. If they don’t match, the tokens will not be returned to your app.
  4. Use the user context to sign API calls made against the target LMS by your app.

Screenshot showing Trusted URL field.

Why are we adding this feature?

The whitelisting feature adds an extra layer of security to apps built to use Valence Learning Framework APIs. It ensures that User ID\Key pairs can only be sent to the pre-configured target location, and cannot be redirected to an unsecured location. The first stage in the rollout of that feature is adding the Trusted URL field to the Keytool app registration request form. The second stage of the rollout of the feature involves updating the Learning Environment to validate that the x_target passed by the app matches the Trusted URL. Learning Environment version 10.4.3 is expected to be the first version of the LMS to support this functionality.

How do I determine my Trusted URL?

The Trusted URL is simply a URL in your infrastructure that you will use to receive User ID\Key pairs. The x_target parameter that you append to your API calls must match this value in order for authentication to succeed. So you should have a good idea of where this endpoint will be at the time you register the app in Keytool, since the Trusted URL is now a required field in the app registration request form. Currently you cannot update this value once it’s specified, so be sure to verify the Trusted URL before registering your app. Edit: The Trusted URL field is now editable from within Keytool. So if this value changes, or you don’t know what it will be at the time you register your app, you can put a placeholder value in place and then log back into Keytool to edit this value from the View Registered Apps screen.

Screenshot of Edit Trusted URL screen.

Will my existing Apps continue to work without a Trusted URL?

For the time being, existing apps with an unspecified Trusted URL will continue to function. In the future, you will have an opportunity to update the Trusted URL value to enable whitelisting functionality.

Does this feature have anything to do with the new app self-registration process being previewed at FUSION?

At FUSION, D2L previewed new functionality being added to the Manage Extensibility administration tool in the Learning Environment. The new feature enables an LMS Administrator with sufficient privileges to register an app directly in the LMS, without needing to access Keytool or wait for the approval process. This feature also allows an administrator to edit some of the properties of the apps they have already registered – such as app name or version.

We are delivering the new whitelisting functionality along with this new self-registration functionality. Stay tuned for another blog post detailing that functionality and how it will impact the app registration process. (Edit: Updated screenshot below.)

Screenshot of app registration form in the LMS.

Known Issue with Google Authentication and Keytool

As part of this update to Keytool, we’ve implemented a newer version of the Google authentication mechanism to replace the deprecated version that was previously in place. The new version of the authentication mechanism may cause the list of Application Records to appear empty when you click the View Registered Applications link. All registered apps continue to work and are stored in the database securely.

If your list appears empty when it shouldn’t, contact us via email and provide the following details:

  • The email address that you use to log in to Keytool.
  • The email address that appears in the top right corner of the Keytool interface after you log in. It should be different than the address you used to log in.

Tell us what you think!

Do you have questions or feedback about the new whitelisting feature? Join us in the ValenceUsers forum to share your thoughts with fellow community members and D2L staff.


Have you seen? Have you heard? New Brightspace Community site!

Members of the Valence Developer Community (that’s you) may be interested to know that there’s a new Brightspace Community site. The site is a gathering place for D2L clients, partners, staff – and developers, too – to access resources, share ideas and exchange information on Brightspace and other D2L products and services. Most of the resources are available for public access – which means there’s no need to log in to access product documentation, reply to discussion forums or view self-directed training videos.

Members who create an account on the site gain extra features – like the ability to initiate forum threads and create a member profile to start connecting with other members. You can check out the latest Community Updates blog post for an overview of those features and benefits.

What does this mean for the Developer Community?

The existing community resources will remain as-is. This includes this blog, the ValenceUsers forum, GitHub repos, and the Valence project site.

In the next several months, we’ll be working on a transition plan to bring together these disparate sites in a central location in the new Brightspace Community site. We’ll be sure to give ample notice of any changes – making announcements on all the related sites and by direct email where possible. We intend to provide the easiest transition process possible for Developer Community members. The end goal is to have a unified experience within the larger community site.

What should I do in the meantime?

Keep doing what you’re doing in the Developer Community – post to the ValenceUsers forum, read this blog, and access the Valence project site for documentation and links to other resources.

Join the new Brightspace Community site to access other product and community resources and start connecting with your peers.

Become a member of the Brightspace Community site to discover and connect with D2L clients, partners, users and developers.

If you have any questions or feedback about the current Developer Community resources or the transition plan, start a thread over on the ValenceUsers forum.


Follow

Get every new post delivered to your Inbox.

Join 39 other followers