d2l toc needs to return hidden modules

Question

https://mydomain.brightspace.com/d2l/api/le/1.26/6606/content/toc?x_a%3dUL7yiUSXo1sptLSyHz-b2w%26x_b%3dbTXtwICfYsdJ--vdWrLc7i%26x_c%3drBU16xHb8YIZ4jIffvHjnF9mnaGF8PgzQF8SvY2nbMU%26x_d%3dQbvBGCHM6HRlOe0O-gUKpauFsaPvKMBeKKTOc7ZEfKs%26x_t%3d1644096312

I created an authenticated url to display data from my toc. Roles with elevated permissions can view all the data found in the table of contents which has hidden modules and hidden data. I created the url with the token, encrypted userID/User key etc all with a role that has these permissions.....why when a user with non elevated privileges access the url--they still cannot view the hidden data. Its wierd because the url is fashioned to be encrypted with a role with elevate permissions....

I also tried the simple updating the query to view the table of contents by &userId="xxxxxxxx" and when a different user is logged in, it still doesnt accurately reflect the table of contents as if viewed by someone with elevated privilidges