I have a question about how Moodle handle this:
1 - I have created a external service for all users
2 - I have login into Moodle with a user with capabilities for creating tokens for external services
3 - I have created a token for this user for the external service created at point 1
4 - I have edit the external service and changed permissions to allow only authorised users. At this moment, there are no authorised users
5 - User mentioned at point 3 can see his token for the service despite the fact is not in the authorised user list
Will this use be able to use this token despite is not in the list of authorised users?
PD: I'm using the demo site for testing thinks like this because is the most updated Moodle I have access
Regards