# `Ltix.Registration`
[🔗](https://github.com/DecoyLex/ltix/blob/main/lib/ltix/registration.ex#L1)

Everything the tool knows about a registered platform, established
out-of-band before any launch occurs.

A registration captures the values exchanged during out-of-band setup
between the tool and platform. Multiple deployments on a given platform
may share the same `client_id`.

## Fields

  * `:issuer` — HTTPS URL identifying the platform (no query or fragment)
  * `:client_id` — OAuth client ID assigned by the platform
  * `:auth_endpoint` — HTTPS URL for the OIDC authorization endpoint
  * `:jwks_uri` — HTTPS URL where the platform publishes its public keys
  * `:token_endpoint` — HTTPS URL for OAuth token requests (required for
    Advantage services; `nil` if not using them)
  * `:tool_jwk` — the tool's private signing key (`JOSE.JWK.t()`),
    used to sign client assertion JWTs. Generate one with
    `Ltix.JWK.generate_key_pair/1` and serve the matching public key
    from your JWKS endpoint.

## Examples

    {:ok, reg} = Ltix.Registration.new(%{
      issuer: "https://canvas.example.edu",
      client_id: "10000000000042",
      auth_endpoint: "https://canvas.example.edu/api/lti/authorize_redirect",
      jwks_uri: "https://canvas.example.edu/api/lti/security/jwks",
      token_endpoint: "https://canvas.example.edu/login/oauth2/token",
      tool_jwk: tool_private_key
    })

# `t`

```elixir
@type t() :: %Ltix.Registration{
  auth_endpoint: String.t(),
  client_id: String.t(),
  issuer: String.t(),
  jwks_uri: String.t(),
  token_endpoint: String.t() | nil,
  tool_jwk: JOSE.JWK.t()
}
```

# `new`

```elixir
@spec new(map()) :: {:ok, t()} | {:error, Exception.t()}
```

Create a new registration with validation.

## Validation rules

- `issuer` — HTTPS URL with no query or fragment
- `client_id` — non-empty string
- `auth_endpoint` — HTTPS URL
- `jwks_uri` — HTTPS URL
- `token_endpoint` — HTTPS URL (when present)
- `tool_jwk` — `JOSE.JWK.t()` (the tool's private signing key for this registration)

## Examples

    iex> {:ok, reg} = Ltix.Registration.new(%{
    ...>   issuer: "https://platform.example.com",
    ...>   client_id: "tool-123",
    ...>   auth_endpoint: "https://platform.example.com/auth",
    ...>   jwks_uri: "https://platform.example.com/.well-known/jwks.json",
    ...>   tool_jwk: elem(Ltix.JWK.generate_key_pair(), 0)
    ...> })
    iex> reg.issuer
    "https://platform.example.com"

---

*Consult [api-reference.md](api-reference.md) for complete listing*