Apply this extra commit to provide some test fixtures: https://github.com/marxjohnson/moodle/commit/17c057fa056ba811868e870a7f34faa0695a70df Log in as admin Ensure you have $CFG->debug set to DEBUG_DEVELOPER Create a course called "Test Course 1" Enrol 4 users on the course. 1 Student, 1 Teacher, 1 Non-editing teacher, 1 Manager. Go to Site Administration > Plugins > Activity modules > External tool > Manage tools Follow "configure a tool manually", and create a tool with the following settings: Tool name: "LTI 1.0 roles provider" Tool URL: " http://moodle.example.com /mod/lti/tests/fixtures/roles_provider.php" where http://moodle.example.com/ is your site's wwwroot. Leave all other settings as default. Save the tool Follow "configure a tool manually", and create a second tool with the following settings: Tool name: "LTI 1.3 roles provider" Tool URL: " http://moodle.example.com /mod/lti/tests/fixtures/roles_provider_1p3.php" where http://moodle.example.com/ is your site's wwwroot. LTI version: "LTI 1.3"  Initiate login URL: " http://moodle.example.com /mod/lti/tests/fixtures/login_initiator.php" where http://moodle.example.com is your site's wwwroot. Save the tool. Go to "Test course 1" and add a new External Tool activity. Set the name to "Test LTI 1.0 roles provider" and select "LTI 1.0 roles provider" from the list of preconfigured tools. Save and return to course. Add another External Tool activity. Set the name to "Test LTI 1.3 roles provider" and select "LTI 1.3 roles provider" from the list of preconfigured tools. Log in as each of the enrolled users, visit the "Test LTI 1.0 roles provider" and "Test LTI 1.3 roles provider" activities in turn. You should see a message "The LTI provider received the following roles for the current user:" and the corresponding LTI role for the user's role archetype: Student 1.0: urn:lti:role:ims/lis/Learner 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership#Learner Teacher 1.0: urn:lti:role:ims/lis/Instructor 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor Non-editing teacher 1.0: urn:lti:role:ims/lis/TeachingAssistant 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership/Instructor#TeachingAssistant Manager 1.0: urn:lti:role:ims/lis/Manager 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership#Manager Log back in as admin In Site Administration > Users > Permissions > Define roles, Add a new role: No defaults or preset Short name: ltideveloper Full name: LTI Content Developer Context types where this role may be assigned: Course Capabilities: mod/lti:view, mod/lti:contentdeveloper Enrol a 5th user to "Test course 1" and grant them the "LTI Content Developer" role. Log in as the "LTI Content Developer" user, and visit the "Test LTI 1.0 roles provider" and "Test LTI 1.3 roles provider" activities in turn. You should see the corresponding role on each activity: 1.0: urn:lti:role:ims/lis/ContentDeveloper 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership#ContentDeveloper Log back in as admin and return to "Test Course 1" Turn editing mode on and select "Permissions" from the "Test roles provider" action menu Filter permissions by mod/lti. Add "Non-editing teacher" to the "Prohibited" roles for the capability mod/lti:teachingassistant. Add "Non-editing teacher" to "Roles with this capability" for the capability mod/lti:mentor. Log in as the Non-editing teacher user and and visit the "Test LTI 1.0 roles provider" and "Test LTI 1.3 roles provider" activities in turn. You should see the corresponding role on each activity: 1.0: urn:lti:role:ims/lis/Mentor 1.3: http://purl.imsglobal.org/vocab/lis/v2/membership#Mentor You should not see the urn:lti:role:ims/lis/TeachingAssistant or http://purl.imsglobal.org/vocab/lis/v2/membership/Instructor#TeachingAssistant on either activity.