We use the Google oauth2 plugin for user authentication Moodle 3.2
I can log in as admin, but other users try to login via their browser window and get that error. I don't think I want authenticated users to have that permission. Any suggestions on how to troubleshoot?
non admin user getting no permission to create a web service token error
by Colin Matheson -
Number of replies: 3
In reply to Colin Matheson
Re: non admin user getting no permission to create a web service token error
by Ken Task -
You must be using the older addon for Oauth2 given you site is 3.2 ... in 3.3 now part of core.
Question ... are you allowing users to connect using the mobile app?
In order to do so, users would need to be able to create a token.
Pick a user:
https://site/admin/roles/check.php?contextid=1
and see permissions.
Have a 3.2 site running the older plugin but is allowing mobile and users can authenticate with browser via Google.
'spirit of sharing', Ken
In reply to Ken Task
Re: non admin user getting no permission to create a web service token error
by Colin Matheson -
As I see it there are two types of tokens:
moodle/webservice:createmobiletoken
is allowed for authenticated users, however
moodle/webservice:createtoken
is not allowed. It looks like that has more security risks. But should I turn it on for authenticated users?
In reply to Colin Matheson
Re: non admin user getting no permission to create a web service token error
by Juan Leyva -
Hi Colin,
yes, allowing moodle/webservice:createtoken for authenticated users should be fine and is the same as dangerous than moodle/webservice:createmobiletoken