Rest API Authentication Error

Rest API Authentication Error

- Nathan Loudon の投稿
返信数: 15

Hi, I am very new to Moodle, trying to use the rest API with postman. I have:

Enable web services in Site administration > Advanced features

Enabled Rest in Site administration > Server > Web services > Manage protocols

Created new service in Site administration > Server > Web services > External Services

Added function to service - core_course_get_courses_by_field

Users -> All Users (just to get it working, will be a username "web-api")

Created a token for username "web-api"

Send PostMan request:

https://lms.XXXXX.com/webservice/rest/server.php?wstoken=XXXX&moodlewsrestformat=json&wsfunction=core_course_get_courses_by_field&field=id&value=1


But am receiving:

{
    "exception": "webservice_access_exception",
    "errorcode": "accessexception",
    "message": "Access control exception"
}

I have also tried enrolling that user in the course, but nadda.

Any idea what I'm missing?

Cheers!



評点平均: -
Nathan Loudon への返信

Re: Rest API Authentication Error

- Nathan Loudon の投稿

So the bit I missed was "Enabling capabilities". I had to create a new role, then assign that role to the user. This page made it clearer:


/admin/category.php?category=webservicesettings



評点平均: -
Nathan Loudon への返信

Re: Rest API Authentication Error

- David Ramirez の投稿
Hello, I'm having the same issue, but I don't understand your solution. Can you please give me a hand. 

Cheers
評点平均: -
David Ramirez への返信

Re: Rest API Authentication Error

- Nathan Loudon の投稿
I think it was this line that guided me to the solution:

Check user capability: The user should have appropriate capabilities according to the protocols used, for example webservice/rest:use, webservice/soap:use. To achieve this, create a web services role with protocol capabilities allowed and assign it to the web services user as a system role.

If you go here /admin/roles/manage.php and add a role, and give it the capabilities you require, mine is currently:

usersmoodle/user:create
tokenmoodle/webservice:createtoken
settingsmoodle/course:update
participationmoodle/course:view
coursesmoodle/course:viewhiddencourses
protocolwebservice/rest:use

But only give it what it needs for your application.

Then assign that role to your API user.
評点平均: -
Nathan Loudon への返信

Re: Rest API Authentication Error

- Jonathan Baird の投稿
Hi,
I am encountering the same error you did and I do think I have created all of the pieces...

I created a role that has been given the necessary 'capabilities' (including "Use REST protocol").  A user has been given this role.
I created a service that has been given all of the same 'functions' as the role.  Of course, I have also enabled REST protocol on the server settings.
I also created a token that links the service and the user.

I must be missing something though since I am still getting a connection failure when trying to connect to the service.  Any insights would be greatly appreciated.
評点平均: -
Jonathan Baird への返信

Re: Rest API Authentication Error

- Nathan Loudon の投稿
It was some time ago sorry, I'd suggest going through this page step by step, guaranteeing you haven't missed anything:
評点平均: -
Jonathan Baird への返信

Re: Rest API Authentication Error

- Brian Merritt の投稿
画像 Particularly helpful Moodlers
Is it possible to share the connection or error messages? You can blur any sensitive material.

Are you using Postman or some other method?
評点平均: -
Brian Merritt への返信

Re: Rest API Authentication Error

- Jonathan Baird の投稿
It just says "Authentication Error".
Connecting to the REST API via ColdFusion.  I've done this with earlier versions of Moodle.
評点平均: -
Jonathan Baird への返信

Re: Rest API Authentication Error

- Nathan Loudon の投稿
If you go to: https://www.example.com/admin/roles/manage.php and click on your web access role, you should see the functions that you've added to that role? Note mine includes the create user function as that's what I'm doing on my app. 

添付 moodle.jpg
評点平均: -
Nathan Loudon への返信

Re: Rest API Authentication Error

- Brian Merritt の投稿
画像 Particularly helpful Moodlers
I just did a test by the way of an API request not in the permissions list and get a very different error

{'exception': 'webservice_access_exception', 'errorcode': 'accessexception', 'message': 'Access control exception'}

And if the parameter is wrong

{'exception': 'invalid_parameter_exception', 'errorcode': 'invalidparameter', 'message': 'Invalid parameter value detected'}

So I suspect the issue is with the wstoken and/or an admin user
評点平均: -
Jonathan Baird への返信

Re: Rest API Authentication Error

- Brian Merritt の投稿
画像 Particularly helpful Moodlers
Is this for an admin user? Or have you created a user with appropriate permissions.

Do you have database access? Can you see the webservice token for the appropriate user?

What does the actual rest api request look like? Do you have a full url & parameters? Again, hide any actual sensitive data like wstoken
評点平均: -
Brian Merritt への返信

Re: Rest API Authentication Error

- Jonathan Baird の投稿
I have created a user with permissions that is also an admin 笑顔
I have made a token that connects the user with the service.
Yes, attempting to connect with a full url and parameters:
[moodle_server]&webservice/rest/server.php?wstoken='&[moodle_token]&'&wsfunction=core_user_get_users_by_field

I am getting the response:
<EXCEPTION class="webservice_access_exception"> <ERRORCODE>accessexception</ERRORCODE> <MESSAGE>Access control exception</MESSAGE> </EXCEPTION>
評点平均: -
Jonathan Baird への返信

Re: Rest API Authentication Error

- Nathan Loudon の投稿
Are you missing the:


From the query string perhaps?

Also I'm not sure if you're including the single quotes around the token, but maybe try without those?
評点平均: -