diff --git a/admin/webservice/forms.php b/admin/webservice/forms.php
index 75202284f36..b95935c6e04 100644
--- a/admin/webservice/forms.php
+++ b/admin/webservice/forms.php
@@ -187,16 +187,25 @@ class web_service_token_form extends moodleform {
         $mform->addElement('header', 'token', get_string('token', 'webservice'));
 
         if (empty($data->nouserselection)) {
-            //user searchable selector - get all users (admin and guest included)
-            $sql = "SELECT u.id, u.firstname, u.lastname
-            FROM {user} u
-            ORDER BY u.lastname";
-            $users = $DB->get_records_sql($sql, array());
-            $options = array();
-            foreach ($users as $userid => $user) {
-                $options[$userid] = $user->firstname . " " . $user->lastname;
+
+            //check if the number of user is reasonable to be displayed in a select box
+            $usertotal = $DB->count_records('user',
+                    array('deleted' => 0, 'suspended' => 0, 'confirmed' => 1));
+
+            if ($usertotal < 500) {
+                //user searchable selector - get all users (admin and guest included)
+                $users = $DB->get_records('user',
+                        array('deleted' => 0, 'suspended' => 0, 'confirmed' => 1), 'lastname',
+                        'id, firstname, lastname');
+                $options = array();
+                foreach ($users as $userid => $user) {
+                    $options[$userid] = $user->firstname . " " . $user->lastname;
+                }
+                $mform->addElement('searchableselector', 'user', get_string('user'), $options);
+            } else {
+                //simple text box for username or user id (if two username exists, a form error is displayed)
+                $mform->addElement('text', 'user', get_string('usernameorid', 'webservice'));
             }
-            $mform->addElement('searchableselector', 'user', get_string('user'), $options);
             $mform->addRule('user', get_string('required'), 'required', null, 'client');
         }
 
@@ -230,8 +239,44 @@ class web_service_token_form extends moodleform {
         $this->set_data($data);
     }
 
-    function validation($data, $files) {
+    function get_data() {
+        global $DB;
+        $data = parent::get_data();
+
+        if (!empty($data) && !is_numeric($data->user)) {
+            //retrieve username
+            $user = $DB->get_record('user', array('username' => $data->user), 'id');
+            $data->user = $user->id;
+        }
+        return $data;
+    }
+
+    function validation(&$data, $files) {
+        global $DB;
+
         $errors = parent::validation($data, $files);
+
+        if (is_numeric($data['user'])) {
+            $searchtype = 'id';
+        } else {
+            $searchtype = 'username';
+            //check the username is valid
+            if (clean_param($data['user'], PARAM_USERNAME) != $data['user']) {
+                $errors['user'] = get_string('invalidusername');
+            }
+        }
+
+        if (!isset($errors['user'])) {
+            $users = $DB->get_records('user', array($searchtype => $data['user']), '', 'id');
+
+            //check that the user exists in the database
+            if (count($users) == 0) {
+                $errors['user'] = get_string('usernameoridnousererror', 'webservice');
+            } else if (count($users) > 1) { //can only be a username search as id are unique
+                $errors['user'] = get_string('usernameoridoccurenceerror', 'webservice');
+            }
+        }
+
         return $errors;
     }
 
diff --git a/lang/en/webservice.php b/lang/en/webservice.php
index 512c195f113..274712777ec 100644
--- a/lang/en/webservice.php
+++ b/lang/en/webservice.php
@@ -186,6 +186,10 @@ $string['updateusersettings'] = 'Update';
 $string['userasclients'] = 'Users as clients with token';
 $string['userasclientsdescription'] = 'The following steps help you to set up the Moodle web service for users as clients. These steps also help to set up the recommended token (security keys) authentication method. In this use case, the user will generate his token from the security keys page via My profile settings.';
 $string['usermissingcaps'] = 'Missing capabilities: {$a}';
+$string['usernameorid'] = 'Username / User id';
+$string['usernameorid_help'] = 'Enter a username or a user id.';
+$string['usernameoridnousererror'] = 'No users were found with this username/user id.';
+$string['usernameoridoccurenceerror'] = 'More than one user was found with this username. Please enter the user id.';
 $string['usernotallowed'] = 'The user is not allowed for this service. First you need to allow this user on the {$a}\'s allowed users administration page.';
 $string['usersettingssaved'] = 'User settings saved';
 $string['validuntil'] = 'Valid until';