<h1 class="title">Auth Api Key</h1> <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/16.0/auth_api_key"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_api_key"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runbot.odoo-community.org/runbot/251/16.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p> <p>Authenticate http requests from an API key.</p> <p>API keys are codes passed in (in the http header API-KEY) by programs calling an API in order to identify -in this case- the calling program's user.</p> <p>Take care while using this kind of mechanism since information into http headers are visible in clear. Thus, use it only to authenticate requests from known sources.</p> <p>For unknown sources, it is a good practice to filter out this header at proxy level.</p> <p><strong>Table of contents</strong></p> <div class="contents local topic" id="contents"> <ul class="simple"> <li><a class="reference internal" href="#configuration" id="id1">Configuration</a></li> <li><a class="reference internal" href="#usage" id="id2">Usage</a></li> <li><a class="reference internal" href="#bug-tracker" id="id3">Bug Tracker</a></li> <li><a class="reference internal" href="#credits" id="id4">Credits</a><ul> <li><a class="reference internal" href="#authors" id="id5">Authors</a></li> <li><a class="reference internal" href="#contributors" id="id6">Contributors</a></li> <li><a class="reference internal" href="#maintainers" id="id7">Maintainers</a></li> </ul> </li> </ul> </div> <a name="configuration"></a> <h2><a class="toc-backref" href="#id1">Configuration</a></h2> <p>The api key menu is available into Settings &gt; Technical in debug mode. By default, when you create an API key, the key is saved into the database.</p> <p>If you want to manage them via serve environment settings use <cite>auth_api_key_server_env</cite>.</p> <a name="usage"></a> <h2><a class="toc-backref" href="#id2">Usage</a></h2> <p>To apply this authentication system to your http request you must set 'api_key' as value for the 'auth' parameter of your route definition into your controller.</p> <pre> <code lang="python">class MyController(Controller): &#64;route('/my_service', auth='api_key', ...) def my_service(self, *args, **kwargs): pass</code> </pre> <a name="bug-tracker"></a> <h2><a class="toc-backref" href="#id3">Bug Tracker</a></h2> <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed <a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20auth_api_key%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p> <p>Do not contact contributors directly about support or help with technical issues.</p> <a name="credits"></a> <h2><a class="toc-backref" href="#id4">Credits</a></h2> <a name="authors"></a> <h3><a class="toc-backref" href="#id5">Authors</a></h3> <ul class="simple"> <li>ACSONE SA/NV</li> </ul> <a name="contributors"></a> <h3><a class="toc-backref" href="#id6">Contributors</a></h3> <ul class="simple"> <li>Denis Robinet &lt;<a class="reference external" href="mailto:denis.robinet&#64;acsone.eu">denis.robinet&#64;acsone.eu</a>&gt;</li> <li>Laurent Mignon &lt;<a class="reference external" href="mailto:laurent.mignon&#64;acsone.eu">laurent.mignon&#64;acsone.eu</a>&gt;</li> <li>Quentin Groulard &lt;<a class="reference external" href="mailto:quentin.groulard&#64;acsone.eu">quentin.groulard&#64;acsone.eu</a>&gt;</li> <li>Sébastien Beau &lt;<a class="reference external" href="mailto:sebastien.beau&#64;akretion.com">sebastien.beau&#64;akretion.com</a>&gt;</li> <li>Chafique Delli &lt;<a class="reference external" href="mailto:chafique.delli&#64;akretion.com">chafique.delli&#64;akretion.com</a>&gt;</li> </ul> <a name="maintainers"></a> <h3><a class="toc-backref" href="#id7">Maintainers</a></h3> <p>This module is maintained by the OCA.</p> <a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a> <p>OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.</p> <p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/16.0/auth_api_key">OCA/server-auth</a> project on GitHub.</p> <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>