This question has been flagged
4 Replies
33964 Views
apihttprequestodoo12
Avatar
SSS

Hello

I want test odoo 12 authentication in postman.In postman I am creating httprequest as POST method. first request check session with url http://localhost:8089/web/session/authenticate and second request check create customer with url http://127.0.0.1:8089/api/create_customer. 

Question: I want create customer after session authentication. but if running  single request i.e http://127.0.0.1:8089/api/create_customer in postman. customer is created without authentication. 


--EDIT--

please also give me information about auth_oauth module. difference between auth_oauth and auth_signup.                                       

Avatar
Discard
Sehrish

Odoo Web Controller

1- http://bit.ly/odoo-web-controller

2- http://bit.ly/get-checkbox-value-in-odoo-controller

Avatar
Obay Abdelgadir
Best Answer

Authentication in odoo is achieved with a simple http header or a cookie.

To authenticate you need set the cookie "session_id", postman is smart enough to do that for you just like a browser.


First create a new request with the following:

http method: GET

url: http://localhost:8069/web/session/authenticate
headers: Content-Type: application/json
body: 

{
    "jsonrpc": "2.0", 
    "params": {
        "db": "v14pos", 
        "login": "admin", 
        "password": "admin"
    }
}

The body type should be "raw" in postman.

Of courser change the db, login(username/email), and password to your values.


Send the request, and if successful Odoo will response with information about the user, and the response header will include "Set-Cookie" which tells postman to set the session_id cookie.

Finally you can call any other url that requires authentication. Just make sure the base url is the same as the authentication request, so that postman will send the session_id cookie in the request.

Avatar
Discard
Avatar
Niyas Raphy (Walnut IT)
Best Answer

Hi,

For authenticating Odoo From Postman, see this video showing the same: https://www.youtube.com/watch?v=wGvuRbCyytk


Thanks

Avatar
Discard
Usman

link is not working Niyas?

Avatar
Ravi Gadhia
Best Answer

It's difficult to simulate odoo authentication using postman due to odoo protect all the post request using  Cross-Site Request Forgery (CSRF). you don't have csrf token while making post request so it rejects by odoo.

so first you have to make get a request to get csrf token(a token is embedded inside Html form ) and send it while you make a post request. (I don't know how to get it using postman). 

an alternative is after login through web browser copy the session_id and stores it postman cookie so all the next jsonrpc/AJAX/xhr request validate by the server and it works (I know it's not your requirement ;)

all the auth_* modules are not dependant on each other. it's named as auth_* because it's related to user authentication.

BTW why don't you use xml-rpc instead of a postman. it's very easy to authenticate and you can perform any operation using it. 

Avatar
Discard
SSS
Author

you are right. I have create request for acces_token. after getting access-token and passing this into postman my issue is solve.thanks for you time and suggestion.

Avatar
Franklin Rincon
Best Answer

Hi everybody. Thanks to Obay for your help, this is my javascript auth from postman. I hope to help you.

var data = JSON.stringify({
"jsonrpc": "2.0",
"params": {
"db": "your_data_base_name",
"login": "your_user_name",
"password": "your_password"
}
});

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function() {
if(this.readyState === 4) {
console.log(this.responseText);
}
});

xhr.open("POST", "http://localhost:8069/web/session/authenticate");
xhr.setRequestHeader("Content-Type", "application/json");

xhr.send(data);

Avatar
Discard