odoo13-addon-auth-api-key

============ Auth Api Key

.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png :target: https://odoo-community.org/page/development-status :alt: Beta .. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html :alt: License: LGPL-3 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github :target: https://github.com/OCA/server-auth/tree/13.0/auth_api_key :alt: OCA/server-auth .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png :target: https://translation.odoo-community.org/projects/server-auth-13-0/server-auth-13-0-auth_api_key :alt: Translate me on Weblate .. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png :target: https://runbot.odoo-community.org/runbot/251/13.0 :alt: Try me on Runbot

|badge1| |badge2| |badge3| |badge4| |badge5|

Authenticate http requests from an API key.

API keys are codes passed in (in the http header API-KEY) by programs calling an API in order to identify -in this case- the calling program's user.

Take care while using this kind of mechanism since information into http headers are visible in clear. Thus, use it only to authenticate requests from known sources. For unknown sources, it is a good practice to filter out this header at proxy level.

Table of contents

.. contents:: :local:

Configuration

The api key menu is available into Settings > Technical in debug mode. By default, when you create an API key, the key is saved into the database. It is also possible to provide the value of this key via the configuration file. This can be very useful to avoid mixing your keys between your various environments when restoring databases. All you have to do is to add a new section to your configuration file according to the following convention:

.. code-block:: ini

[api_key_<Record Name>]
key=my_api_key

Usage

To apply this authentication system to your http request you must set 'api_key' as value for the 'auth' parameter of your route definition into your controller.

.. code-block:: python

class MyController(Controller):

    @route('/my_service', auth='api_key', ...)
    def my_service(self, *args, **kwargs):
        pass

Bug Tracker

Bugs are tracked on GitHub Issues <https://github.com/OCA/server-auth/issues>. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_api_key%0Aversion:%2013.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>.

Do not contact contributors directly about support or help with technical issues.

Credits

Authors

* ACSONE SA/NV

Contributors

• Denis Robinet denis.robinet@acsone.eu
• Laurent Mignon laurent.mignon@acsone.eu
• Quentin Groulard quentin.groulard@acsone.eu
• Sébastien Beau sebastien.beau@akretion.com

Maintainers

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
   :alt: Odoo Community Association
   :target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/13.0/auth_api_key>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.