Moodle in English: Rest API Authentication Error

Hi, I am very new to Moodle, trying to use the rest API with postman. I have:

Enable web services in Site administration > Advanced features

Enabled Rest in Site administration > Server > Web services > Manage protocols

Created new service in Site administration > Server > Web services > External Services

Added function to service - core_course_get_courses_by_field

Users -> All Users (just to get it working, will be a username "web-api")

Created a token for username "web-api"

Send PostMan request:

https://lms.XXXXX.com/webservice/rest/server.php?wstoken=XXXX&moodlewsrestformat=json&wsfunction=core_course_get_courses_by_field&field=id&value=1

But am receiving:

{

"exception": "webservice_access_exception",

"errorcode": "accessexception",

"message": "Access control exception"

}

I have also tried enrolling that user in the course, but nadda.

Any idea what I'm missing?

Cheers!

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Nathan Loudon - asteartea, 2023(e)ko apirilakren 11(e)an, 10:38(e)tan

So the bit I missed was "Enabling capabilities". I had to create a new role, then assign that role to the user. This page made it clearer:

/admin/category.php?category=webservicesettings

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

David Ramirez - asteazkena, 2023(e)ko maiatzakren 24(e)an, 01:16(e)tan

Hello, I'm having the same issue, but I don't understand your solution. Can you please give me a hand.

Cheers

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Nathan Loudon - asteazkena, 2023(e)ko maiatzakren 24(e)an, 14:36(e)tan

I think it was this line that guided me to the solution:

Check user capability: The user should have appropriate capabilities according to the protocols used, for example webservice/rest:use, webservice/soap:use. To achieve this, create a web services role with protocol capabilities allowed and assign it to the web services user as a system role.

If you go here /admin/roles/manage.php and add a role, and give it the capabilities you require, mine is currently:

usersmoodle/user:create
tokenmoodle/webservice:createtoken
settingsmoodle/course:update
participationmoodle/course:view
coursesmoodle/course:viewhiddencourses
protocolwebservice/rest:use

But only give it what it needs for your application.

Then assign that role to your API user.

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - ostirala, 2023(e)ko uztailakren 21(e)an, 22:18(e)tan

Hi,

I am encountering the same error you did and I do think I have created all of the pieces...

I created a role that has been given the necessary 'capabilities' (including "Use REST protocol"). A user has been given this role.

I created a service that has been given all of the same 'functions' as the role. Of course, I have also enabled REST protocol on the server settings.

I also created a token that links the service and the user.

I must be missing something though since I am still getting a connection failure when trying to connect to the service. Any insights would be greatly appreciated.

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Nathan Loudon - asteazkena, 2023(e)ko uztailakren 26(e)an, 07:20(e)tan

It was some time ago sorry, I'd suggest going through this page step by step, guaranteeing you haven't missed anything:

https://docs.moodle.org/402/en/Using_web_services

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - osteguna, 2023(e)ko abuztuakren 3(e)an, 22:18(e)tan

Yeah, already went through all of that. Thanks.

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Brian Merritt - osteguna, 2023(e)ko abuztuakren 3(e)an, 21:42(e)tan

Is it possible to share the connection or error messages? You can blur any sensitive material.

Are you using Postman or some other method?

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - osteguna, 2023(e)ko abuztuakren 3(e)an, 22:18(e)tan

It just says "Authentication Error".

Connecting to the REST API via ColdFusion. I've done this with earlier versions of Moodle.

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Nathan Loudon - ostirala, 2023(e)ko abuztuakren 4(e)an, 06:10(e)tan

If you go to: https://www.example.com/admin/roles/manage.php and click on your web access role, you should see the functions that you've added to that role? Note mine includes the create user function as that's what I'm doing on my app.

Also, what URL are you calling? Mine looks like:

https://www.example.com/webservice/rest/server.php?moodlewsrestformat=json&wstoken=<insert-token>&wsfunction=core_course_get_courses_by_field&field=&value=

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Brian Merritt - ostirala, 2023(e)ko abuztuakren 4(e)an, 19:29(e)tan

I just did a test by the way of an API request not in the permissions list and get a very different error

{'exception': 'webservice_access_exception', 'errorcode': 'accessexception', 'message': 'Access control exception'}

And if the parameter is wrong

{'exception': 'invalid_parameter_exception', 'errorcode': 'invalidparameter', 'message': 'Invalid parameter value detected'}

So I suspect the issue is with the wstoken and/or an admin user

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - ostirala, 2023(e)ko abuztuakren 4(e)an, 23:07(e)tan

Yup, I have those set. Thanks

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Brian Merritt - ostirala, 2023(e)ko abuztuakren 4(e)an, 16:26(e)tan

Is this for an admin user? Or have you created a user with appropriate permissions.

Do you have database access? Can you see the webservice token for the appropriate user?

What does the actual rest api request look like? Do you have a full url & parameters? Again, hide any actual sensitive data like wstoken

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - ostirala, 2023(e)ko abuztuakren 4(e)an, 22:15(e)tan

I have created a user with permissions that is also an admin

I have made a token that connects the user with the service.

Yes, attempting to connect with a full url and parameters:

[moodle_server]&webservice/rest/server.php?wstoken='&[moodle_token]&'&wsfunction=core_user_get_users_by_field

I am getting the response:

<EXCEPTION class="webservice_access_exception"> <ERRORCODE>accessexception</ERRORCODE> <MESSAGE>Access control exception</MESSAGE> </EXCEPTION>

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Nathan Loudon - larunbata, 2023(e)ko abuztuakren 5(e)an, 07:11(e)tan

Are you missing the:

moodlewsrestformat=json

From the query string perhaps?

Also I'm not sure if you're including the single quotes around the token, but maybe try without those?

Puntuazioen batez bestekoa: -

Re: Rest API Authentication Error

Jonathan Baird - asteartea, 2023(e)ko abuztuakren 8(e)an, 01:28(e)tan

Hmm, I haven't needed that parameter in previous versions of Moodle, is this new?

Also, I'm looking to get an XML response, not JSON. Not sure if this makes a difference?

Thanks

Puntuazioen batez bestekoa: -

Web services

Rest API Authentication Error

Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Re: Rest API Authentication Error

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world