Forum Discussion
Issue: External file links behave differently in SCORM vs LMS UI
We've set up a server to host files external to our LMS (flipbooks). The server is set with domain domain restrictions to only accept calls from our LMS's domain.
This works flawlessly for links from within a course description on our LMS. Users tap the Flipbook link and the flipbook loads, no additional login required.
For flipbook links existing within a SCORM-based course, when the Flipbook link is tapped, we are taken to the server but are confronted with a Login screen.
How do we get around this so that calls from our LMS do not require a log in, even when the links exist within a SCORM file? (Our SCORM files are stored on our LMS BTW).
1 Reply
After digging into this a bit, it looks like this behavior is tied to how SCORM runs in the browser. SCORM content is launched in a sandboxed context, and in that environment cookies and authentication headers aren’t always passed reliably. Because of that, domain‑based access works from standard LMS pages but breaks when the same link is launched from embedded SCORM content. From what I can tell, this is expected browser behavior rather than a configuration issue.
I'm asking my LMS provider if they support secure external content launches from SCORM‑hosted courses—such as LMS‑generated signed URLs or LMS‑mediated redirects—so access doesn’t depend on browser state.