This guide outlines how to enable and configure Moodle Web Services to allow a mobile app to retrieve and display course information from your Moodle site.
1. Enable Web Services
Go to: Site administration > Advanced features
- Enable the Web services.
2. Create an External Web Service
Navigate to: Site administration > Server > Web services > External services
Under Custom Services, click Add to create a new external service (e.g., “Mobile App API”)
Set the following options:
Enabled: Yes
Authorised users only: Yes — this limits token creation to only authorised users.
- (Optional) Required capability: Add an extra capability to further restrict access.
- Click Save changes.

3. Add Required API Functions
- From the External services list, click Functions next to your newly created service.
Add these functions to enable course retrieval and content access:
core_course_get_courses
— fetches a list of all courses.core_course_get_contents
— fetches modules and contents of a course- Click Add functions.

4. Configure API Authentication
Option 1: Use an Existing Administrator Account
Go to: Site administration > Server > Web services > Manage tokens
Click Create token.
- Enter:
- Name: (name of your token)
- User: Select an existing administrator.
- Service: Select your created external service.
- (Optional) Set IP restriction or Valid until
- Click Save changes.
- Important: since Authorised users only is enabled in the external service, also go to: Site Administration > Server > Web Services > External Services > Authorised users.
- once clicked, add the administrator as an authorised user.

Option 2: Create a Dedicated Web Service User (Recommended for Production)
Add a new user via Site administration > Users > Accounts > Add a new user
Create a new user account with a strong password.
Assign this user appropriate system-level roles with necessary capabilities, such as:
moodle/course:view
— to view course informationwebservice/rest:use
— to use REST web services (if using REST)- (Optional)
moodle/webservice:createtoken
— if you want them to generate tokens
- Authorise this user under the external service (since Authorised users only is enabled in the external service):
- Go to: Site Administration > Server > Web Services > External Services > Authorised users.
- once clicked, add this user as an authorised user.

- Create a token for the web service user:
- Go to: Site administration > Server > Web services > Manage tokens
- Click Create token.
- Enter:
- Name: (name of your token)
- User: Select your web service user.
- Service: Select your created external service.
- (Optional) Set IP restriction or Valid until
- Click Save changes.
