diff --git a/externallib.php b/externallib.php
index 3b5a6b5..82d4d3e 100644
--- a/externallib.php
+++ b/externallib.php
@@ -23,6 +23,7 @@
  */
 
 require_once($CFG->libdir . "/externallib.php");
+require_once($CFG->dirroot . "/webservice/lib.php");
 require_once($CFG->dirroot . "/auth/userkey/auth.php");
 
 class auth_userkey_external extends external_api {
@@ -48,9 +49,16 @@ class auth_userkey_external extends external_api {
      * @param array $user
      *
      * @return array
+     * @throws \dml_exception
+     * @throws \required_capability_exception
+     * @throws \webservice_access_exception
      */
     public static function request_login_url($user) {
 
+        if (!is_enabled_auth('userkey')) {
+            throw new webservice_access_exception('The userkey authentication plugin is disabled.');
+        }
+
         $context = context_system::instance();
         require_capability('auth/userkey:generatekey', $context);
 
diff --git a/login.php b/login.php
index 9471d40..09537b3 100644
--- a/login.php
+++ b/login.php
@@ -24,4 +24,8 @@
 
 require_once(dirname(__FILE__) . '/../../config.php');
 
+if (!is_enabled_auth('userkey')) {
+    print_error('The userkey authentication plugin is disabled.');
+}
+
 get_auth_plugin('userkey')->user_login_userkey();
\ No newline at end of file
diff --git a/tests/externallib_test.php b/tests/externallib_test.php
index 33c9728..7d9dfae 100644
--- a/tests/externallib_test.php
+++ b/tests/externallib_test.php
@@ -51,12 +51,30 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
         $this->user = self::getDataGenerator()->create_user($user);
     }
 
+    /**
+     * Test call with incorrect required parameter.
+     *
+     * @expectedException webservice_access_exception
+     * @expectedExceptionMessage Access control exception (The userkey authentication plugin is disabled.)
+     */
+    public function test_throwing_plugin_disabled_exception() {
+        $this->setAdminUser();
+
+        $params = array(
+            'bla' => 'exists@test.com',
+        );
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+    }
+
     /**
      * Test successful web service calls.
      */
     public function test_successful_webservice_calls() {
         global $DB, $CFG;
 
+        $CFG->auth = "userkey";
         $this->setAdminUser();
 
         // Email.
@@ -117,7 +135,10 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
      * @expectedExceptionMessage Invalid parameter value detected (Required field "email" is not set or empty.)
      */
     public function test_request_incorrect_parameters() {
+        global $CFG;
+
         $this->setAdminUser();
+        $CFG->auth = "userkey";
 
         $params = array(
             'bla' => 'exists@test.com',
@@ -134,7 +155,10 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
      * @expectedExceptionMessage Invalid parameter value detected (User is not exist)
      */
     public function test_request_not_existing_user() {
+        global $CFG;
+
         $this->setAdminUser();
+        $CFG->auth = "userkey";
 
         $params = array(
             'email' => 'notexists@test.com',
@@ -144,4 +168,55 @@ class auth_userkey_externallib_testcase extends advanced_testcase {
         $result = auth_userkey_external::request_login_url($params);
         $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
     }
+
+    /**
+     * Test that permission exception gets thrown if user doesn't have required permissions.
+     *
+     * @expectedException required_capability_exception
+     * @expectedExceptionMessage Sorry, but you do not currently have permissions to do that (Generate login user key)
+     */
+    public function test_throwing_of_permission_exception() {
+        global $CFG;
+
+        $this->setUser($this->user);
+        $CFG->auth = "userkey";
+
+        $params = array(
+            'email' => 'notexists@test.com',
+        );
+
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+    }
+
+    /**
+     * Test request gets executed correctly if use has required permissions.
+     */
+    public function test_request_gets_executed_if_user_has_permission() {
+        global $CFG, $DB;
+
+        $this->setUser($this->user);
+        $CFG->auth = "userkey";
+
+        $context = context_system::instance();
+        $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST);
+        assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
+        role_assign($studentrole->id, $this->user->id, $context->id);
+
+        $params = array(
+            'email' => 'exists@test.com',
+        );
+
+        // Simulate the web service server.
+        $result = auth_userkey_external::request_login_url($params);
+        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
+
+        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
+        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
+
+        $this->assertTrue(is_array($result));
+        $this->assertTrue(key_exists('loginurl', $result));
+        $this->assertEquals($expectedurl, $result['loginurl']);
+    }
 }