Skip to Content
Вам необхідно зареєструватися, щоб взаємодіяти зі спільнотою.
All Posts Люди Значки
Мітки (View all)
odoo accounting v14 pos v15
Про цей форум
Це запитання позначене
jsonrpcodoo17
3 Відповіді
14166 Переглядів
Аватар
Ids MG

When using JSON-RPC external API, do I need to call the common authenticate method before each object call? It only seems to authenticate and return the user id.

 So if I did that once, can I store that user id and use it for all further object calls? Or is there some kind of expiring session stored on the server I need to be aware of?

Аватар
Відмінити
Ids MG
Автор

I know how authentication works and that there are other techniques that can be used. But I want to minimize the number of authentication calls for JSON-RPC. Does anyone know if that can be done once or needs to be done before each object call?

Ids MG
Автор

According to Odoo Support:

When using Odoo's JSON-RPC interface, you do not need to execute the authentication call before each object call. The authentication process should be done once to obtain the user ID and a session token, and then you can use these credentials for subsequent calls.

Аватар
Ajin A K
Найкраща відповідь

It depends on the specific implementation of the JSON-RPC API you're using. Here's a breakdown of the two common scenarios:

1. Session-based Authentication:

  • In this case, a successful authenticate call establishes a session on the server. This session is identified by a key or token (often not the user ID itself).
  • Subsequent object calls typically require including this session key or token in the request header or as a parameter.
  • This session has an expiration time. You don't need to call authenticate again until the session expires.

2. Token-based Authentication:

  • Here, authenticate might return a JSON Web Token (JWT) or a similar token containing user information and claims.
  • Subsequent object calls would require including this token in the request header (usually as an "Authorization" header).
  • JWTs are self-contained and expire after a set time. You need to re-authenticate (get a new token) before the current one expires.

How to determine which method your API uses?

  • Check the API documentation for details on authentication and authorization.
  • Look for keywords like "session", "token", "JWT", or expiration time.
  • If unsure, consult the API provider's support resources.

Here are some best practices for handling authentication with JSON-RPC APIs:

  • Store tokens securely: If using tokens, store them securely in memory or a secure storage mechanism like the keychain. Avoid storing them in plain text.
  • Refresh tokens before expiry: Monitor token expiry and refresh it before it expires to avoid interruptions in your application.
  • Handle errors gracefully: Implement proper error handling for authentication failures.

By understanding the authentication method and implementing best practices, you can efficiently manage user sessions and keep your JSON-RPC interactions secure.

Аватар
Відмінити
Аватар
Ray Carnes (ray)
Найкраща відповідь

You need to send an authenticated User ID and Password (or API key) with each request.


Аватар
Відмінити
Аватар
Long Duong Nhat
Найкраща відповідь 
Hi Ids MG,
Please try using Restful API. Odoo has an endpoint (/web/session/authenticate) to connect to the database and log in.
The API response has more information for you and it will have a session to help you maintain the connection.
Reference source: https://github.com/odoo/odoo/blob/17.0/addons/web/controllers/session.py#L29


Аватар
Відмінити
Related Posts Відповіді Переглядів Дія
Odoo JsonRPC : Get m2m, m2o or o2m nested field with read method
odoo jsonrpc odoo17
Аватар
0
лют. 25
1899
Error while posting invoice to ZATCA odoo sh Вирішено
odoo17
Аватар
Аватар
Аватар
Аватар
3
лип. 25
2988
How to send a real-time notification to POS UI using bus.bus in Odoo 17?
odoo17
Аватар
Аватар
1
черв. 25
4960
Odoo time-sheets rights to add
odoo17
Аватар
Аватар
2
трав. 25
2927
POS is not recognizing short barcodes like "95" or "96" (Code 39 or custom short codes)
odoo17
Аватар
1
трав. 25
1996