Error HTTP 403 while processing Deep Linking response in LTI 1.3 integration

We are trying to integrate LAMS with Brightspace using LTI 1.3. With existing code we have been successful with other LMSes.A Deep Linking request gets processed successfully. LAMS displays its content selection screen. On save Brightspace produces a 403 error. Its logs only say "Error processing deep linking return".Here is an anonymised request we are getting from Brightspace----{ "alg": "RS256", "kid": "d830e74d-4e7a-47fd-be21-91a5bbe2918d", "typ": "JWT"}{ "nbf": 1654763354, "exp": 1654765154, "iss": "https://anonymoustest.brightspace.com", "aud": "cee1b12b-7a51-4031-b3f3-6290de804df6", "iat": 1654763354, "sub": "d3f1105f-7b67-4282-b71a-33f3fdadfa95_2387", "given_name": "Anonymous", "family_name": "An", "name": "Anonymous An, "email": "Anonymous.An@anonymous.com", "nonce": "2432ad5c85fc", "https://purl.imsglobal.org/spec/lti/claim/message_type": "LtiDeepLinkingRequest", "https://purl.imsglobal.org/spec/lti/claim/version": "1.3.0", "https://purl.imsglobal.org/spec/lti/claim/deployment_id": "ab6df953-502d-4d0e-aab4-a65a2b880a4c", "https://purl.imsglobal.org/spec/lti/claim/target_link_uri": "https://anonymous.lamsinternational.com/lams/lti/advantage", "https://purl.imsglobal.org/spec/lti/claim/roles": [  "http://purl.imsglobal.org/vocab/lis/v2/membership#Learner",  "http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor",  "http://purl.imsglobal.org/vocab/lis/v2/membership#Member",  "http://purl.imsglobal.org/vocab/lis/v2/membership#Mentor",  "http://purl.imsglobal.org/vocab/lis/v2/membership#Administrator",  "http://purl.imsglobal.org/vocab/lis/v2/institution/person#Instructor",  "http://purl.imsglobal.org/vocab/lis/v2/institution/person#Staff" ], "https://purl.imsglobal.org/spec/lti/claim/context": {  "id": "9052",  "label": "2017 test 1",  "title": "2017 test 1",  "type": [   "http://purl.imsglobal.org/vocab/lis/v2/course#CourseOffering"  ] }, "https://purl.imsglobal.org/spec/lti/claim/lis": {  "course_offering_sourcedid": "anonymoustest.brightspace.com:2017 test 1",  "course_section_sourcedid": "anonymoustest.brightspace.com:2017 test 1" }, "https://purl.imsglobal.org/spec/lti/claim/launch_presentation": {  "locale": "en-US" }, "http://www.brightspace.com": {  "tenant_id": "54fe20b5-4e8b-4ad4-a9ba-43985dc84795",  "org_defined_id": "",  "user_id": 2387,  "username": "Anonymous.An",  "Context.id.history": "" }, "https://purl.imsglobal.org/spec/lti-ags/claim/endpoint": {  "scope": [   "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem",   "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem.readonly",   "https://purl.imsglobal.org/spec/lti-ags/scope/result.readonly",   "https://purl.imsglobal.org/spec/lti-ags/scope/score"  ],  "lineitems": "https://anonymoustest.brightspace.com/d2l/api/lti/ags/2.0/deployment/ab6df953-502d-4d0e-aab4-a65a2b880a4c/orgunit/9052/lineitems" }, "https://purl.imsglobal.org/spec/lti-dl/claim/deep_linking_settings": {  "accept_types": [   "link",   "file",   "ltiResourceLink",   "image"  ],  "accept_media_types": "*/*",  "accept_presentation_document_targets": [   "iframe",   "window"  ],  "accept_multiple": true,  "auto_create": false,  "deep_link_return_url": "https://anonymoustest.brightspace.com/d2l/lti/dl/content/orgUnitId/9052/linkId/131/parentModuleId/29653/cB5tc3pFZsZlDCZH_r2q1ycSazDE6YfOdGRg6OEfRFU%7e",  "data": "cB5tc3pFZsZlDCZH_r2q1ycSazDE6YfOdGRg6OEfRFU~" }, "https://purl.imsglobal.org/spec/lti/claim/custom": {  "contexthistory": "",  "usertimezone": "Asia/Dubai" }, "https://purl.imsglobal.org/spec/lti-nrps/claim/namesroleservice": {  "context_memberships_url": "https://anonymoustest.brightspace.com/d2l/api/lti/nrps/2.0/deployment/ab6df953-502d-4d0e-aab4-a65a2b880a4c/orgunit/9052/memberships",  "service_versions": [   "2.0"  ] }, "https://purl.imsglobal.org/spec/lti/claim/tool_platform": {  "guid": "54fe20b5-4e8b-4ad4-a9ba-43985dc84795",  "product_family_code": "desire2learn" }}----- The response we are sending is-----{ "kid": "kid_2022_08_06", "alg": "RS256"}{ "iss": "cee1b12b-7a51-4031-b3f3-6290de804df6", "aud": "https://anonymoustest.brightspace.com", "iat": 1654763362, "exp": 1654763512, "https://purl.imsglobal.org/spec/lti/claim/message_type": "LtiDeepLinkingResponse", "https://purl.imsglobal.org/spec/lti/claim/version": "1.3.0", "https://purl.imsglobal.org/spec/lti/claim/deployment_id": "ab6df953-502d-4d0e-aab4-a65a2b880a4c", "nonce": "2432ad5c85fc", "https://purl.imsglobal.org/spec/lti-dl/claim/content_items": [  {   "type": "ltiResourceLink",   "title": "Noticeboard test",   "url": "https://anonymous.lamsinternational.com/lams/lti/advantage",   "custom": {    "learningdesignid": "61",    "grading": "lesson",    "enablelessonintro": "true",    "lessonid": "180"   },   "window": {    "targetName": "LAMS - Noticeboard test",    "with": 1024,    "height": 500,    "windowFeatures": "resizable,scrollbars=yes,status=yes"   },   "lineItem": {    "scoreMaximum": 100,    "label": "Noticeboard test",    "resourceId": "lams_lesson_180",    "tag": "LAMS lesson grade"   },   "iframe": {    "url": "https://anonymous.lamsinternational.com/lams/lti/advantage",    "width": 1024,    "height": 500   }  } ], "https://purl.imsglobal.org/spec/lti-dl/claim/data": "cB5tc3pFZsZlDCZH_r2q1ycSazDE6YfOdGRg6OEfRFU~"}---- What could be the reason for the error? Should the audience ("aud") be https://api.brightspace.com/auth/token ?But here is what the specification sayshttps://www.imsglobal.org/spec/lti-dl/v2p0#audand we follow it. This threadhttps://community.brightspace.com/s/question/0D55W000005wEgZSAU/working-on-developing-13-lti-deep-linking-keep-getting-errorsmentions that Brightspace "wasn't expecting a array of objects, just expecting one ltiResourceLink". But this behaviour would be inconsistent with the specification https://www.imsglobal.org/spec/lti-dl/v2p0#content-itemswhich says it should be an array. Is it a bug? Implementing a workaround on our side it not that trivial. If anyone can help, we will be very thankful.