1- create a web service (enabled and authorised for a specific username)
2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME
3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD (do not test with an admin user expect if asked)
//none admin username who hasn't the moodle/webservice:createtoken capability
a) you already created a token in the admin with an expired valid date => error message (Moodle will fail to find a token, and try to create a new one)
b) you already created a token in the admin with a different ip address => error message (Moodle will fail to find a token, and try to create a new one)
c) you already created a token in the admin but for a different service => error message (Moodle will fail to find a token, and try to create a new one)
d) you already created a token in the admin (the service is enabled and authorised for everybody, correct valid dates, correct ip restrictions) => the token is returned
//none admin username who has the moodle/webservice:createtoken capbility (excepted if mentioned)
e) the user is an admin
f) the user is not authorised on a restricted service => error message
g) the user is authorised but has a expired valid date (manage service admin page, click on authorised user then on the user full name link) => error message
h) the user is authorised but has a different ip address => error message
i) the user has not the capability to create a token (moodle/webservice:createtoken) => error message
j) the user never visited his security keys page (i.e. not token was previously generated) and everything is set up correctly => a token is returned
k) you run j) a new time (so a token has been generated) => the same token is returned.
l) the user has not the service required capability.
Now you are going to use the 'moodle_mobile_app' shortname (the mobile service). Enable it first in the administration. Redo i), it should success if the user doesn't have the 'moodle/webservice:createtoken' capability. Mobile service does not require the capability but the 'moodle/webservice:createmobiletoken' capability.