Note: You are currently viewing documentation for Moodle 2.2. Up-to-date documentation for the latest stable version is available here: Using web services.

Using web services

From MoodleDocs

Template:Moodle 2.0This document explains how an administrator set up a web service for ordinary users.

Introduction

A user goes on his security keys page. He gets a security key (also called token). He enters the key on the external application accessing to Moodle. At any time, a user can reset the key if he suspects that it has been stolen. The key is complex, long and difficult to generate. This is the recommended authentication method for web service. This document explains how a Moodle administrator can set it up.

Enable the web service in Moodle

For security reasons, web services should only be enabled if you intend to make use of it.

  Settings block > Site Administration > Advanced features
Check Enable web services option and Save Changes

enable ws option.png

Enable a protocol

  Settings block > Site Administration > Plugins > Web services > Manage protocols
Enable the desired protocol (SOAP, REST, XMLRPC, AMF, ...)

ws manageprotocal settings.png

Enable capabilities to users

for create token

you need to set "moodle/webservice:createtoken" capability to the users

for protocols

you need to set the activated protocol (webservice/rest:use, webservice/soap:use,...) capability to the users

Create a service with funtions

A brief note about custom web services

There is no such thing as a default web service in Moodle, so anyone looking for one (or for a list of available services) may get rather confused. Instead, you must create a custom service.

Creating a custom service does not mean you are really creating an entirely new web service yourself. You don't have to program anything. Instead, a 'custom web service' just lets you select which of the standard web service functions are available via that service.

Add new custom service page

This allows you to enable only the specific functions that you need to expose, therefore increasing security. The procedure is included below.

  Settings block > Site Administration > Plugins > Web services > External Services
  Click on Add new custom service

externlservices settings.png

A service is a group of web service functions. You need to create first the service then add the function. When you create the service do not check "Authenticated users", we want all users (only the one with "moodle/webservice:createtoken" capability) to be able to use the web service. If you want you can select a required capability. Any user access a web service will be checked against it. It is just an additional and optional security layer for your own usage.

  Enter a name, check enable
  Click on Save changes

add webservice.png

Add a function to the service

  Settings block > Site Administration > Plugins > Web services > External Services
Click on the Functions link for the newly created service


Service functions page

  Select Add function operation, then select a function and Save changes

wsfunctionadmin.png

selectservicefunction.png

Users visit web service page to get auto token

Congratulation, the web service are set up. The users will now go on their profil block and access their security keys. The first time a user access the "security keys" page, his key is created.