Reputation: 93
what is the use privatetoken in Moodle REST API response?
I am using Moodle core REST API and I am following this Stackoverflow answer for my login request. login end-point is working successfully.
API Request
$ curl -d username="fmcorz" -d password="$PASSWORD" 'https://moodle.org/login/token.php?service=moodle_mobile_app'
Response
{
"token":"SNIPTOKEN",
"privatetoken":"SNIPPRIVATE"
}
I am using token to get User ID and other stuff. But I want to know what is the main purpose of privatetoken?
according to my understanding this will use if moodle installation is on Https and "token" will we used when we use http but not sure as I have only http based server
please help to understand this so I can choose best available token to implement Moodle REST API.
thanks.
Upvotes: 2
Views: 1122
Answers (1)
Reputation: 4620
According to the token docs, privatetoken is only sent when the token is first created and should be saved by the client. The source says it's only sent when the connection is https and the user is not an admin. So I assume it's an edge thing as it should be returned only in very special circumstances. It sounds like it's the Random all-time valid token which can only be sent over https and not for an admin user.
Upvotes: 3
Related Questions
- How to Interact With Moodle REST API
- In which Moodle table are the tokens for the web services?
- SSO in moodle using custom server
- Login API via webservice in moodle
- Moodle - What to use token for?
- Moodle API create user, generate password and email user
- Moodle - API for user registration
- Moodle Submission using API
- Moodle Authentication
- Moodle Web Services Function