Veracity Learning Version 1.6 Released

Veracity Learning Version 1.6 Released

Veracity is proud to announce the release of Veracity Learning v1.6. This release includes bug fixes and performance improvements, plus a few new features.

New Features


This major new feature allows users to author JavaScript files and place them in a directory alongside the LRS executable. These plugins can add features, augment behaviors, integrate the LRS with other tools, extend the user interface or add analytics capabilities. Check the documentation for more details.

Remove Lite mode restrictions

We've removed almost all restrictions on the Lite versions. This means that you get all the tools and features of on your own servers. The only remaining restriction is that you can only create 5 LRSs under a single account, and our content player is not available. Here's a short list of features we've opened up to free users

  • Dashboard and widget embedding
  • REST API for management
  • Plugin analytics processors
  • Custom dashboards
  • Viewers for attachments and activity states

JWT for xAPI access

One of the major topics in the xAPI community is how to get credentials to the client. While xAPI mandates support for HTTP Basic Authentication, this solution has several drawbacks. Some content hard codes these credentials into the courseware, other solutions pass the values via the query string. Either way, without careful design, it's easy to over share access to the LRS. One solution to this is to generate a unique API pair for each user or launch. While you can accomplish this with our REST API, it involves a lot of overhead.

Using JWT-based access controls greatly simplifies the task of generating short lived credentials. Instead of using a REST API to tell the LRS to create a Basic Auth credential, then revoke it at the end of a session, you can send a payload in the Authentication header that describes what rules are enforced. Why can't the client fake this? Because it's digitally signed with a key that you got from the LRS. Since it's signed, we know the rules (like read, write, or timeout) are what you intended, and because the user sees only the token, not the secret, we know that they can't forge their own. Finally, since a JWT is stateless, we never have to store it in a database, and neither do you. You just generate one on demand, hand it to your client's browser, and forget about it. When it expires, we will reject it - all this without any API call or database logic. It's a fantastic way to authorize clients to your LRS.

Embed full dashboards

In the past, we offered a feature to embed a widget on another page. Now, we've extended that system to allow the embedding of a full dashboard. You can even allow the embedding app to set parameters like which actor or what time range.

Dashboards themes

Since we expect that dashboards will be embedded into other systems that have their own style, we've added an optional plugin that each LRS can activate. This plugin will allow you to set colors and styles for the dashboards.

System Level APIs

For enterprise customers, the per LRS REST API that allows for management has been extended to the system level. You can now control user accounts, system level plugins, and system configuration via the API.


  • Custom dashboards and generic aggregation widgets support the time filter.
  • Add system timeouts everywhere.
  • Send validation emails to learners in learner portal.
  • xAPI keys can be disabled without deleting.
  • Better console logging.
  • Allow reload from console.
  • Internalize most CSS and JS resources, to support running offline.
  • Improve statement viewer date time picker.
  • Hash passwords client side.
  • Search by ID in statement viewer.
  • Most charts in the custom dashboard allow setting titles.
  • Add embedded dashboards to API.
  • Faster chart rendering.
  • Display rate limit info in UI.
  • Render error message to URL when origin is not as expected from the .env host settings.
  • Better support for 409 conflict behaviors in xAPI.
  • Add context.registration value to Tincan Launch.
  • Non strict mode LRSs now transparently ignore additional querystring params.
  • Fix rare issue where integer and float types conflict in ElasticSearch.
  • Fix email address format validation for learners.
  • When uploading a Tincan Package then editing, prefill the ID field with the default value.
  • Track object parents in the canonical tables.
  • Better handling of URI's that are not URLs.
  • Fix error in Scan For Agent feature where agents with Mbox values are parsed incorrectly.
  • 10x improvement in speed of LRS stats retrieval.

As usual, please reach out if you have questions, comments, or experience any issues updating. The download for the free Lite version is also updated. You should be able to simply overwrite the old executable. There are no additional migration steps.