I am trying to build a custom integration between *Salesforce and Odoo 16 Enterprise* using a custom module and *API key-based authentication*. What I’ve Done: Created a custom module with a @http.route('/sf/get_products', auth='api_key', type='json', methods=['POST'], csrf=False) Created a boolean field sfcost on product categories, used to filter products returned in the response Generated an API key from an *Internal User* (with Inventory/User access) Set auth_api_key = True in odoo.conf

Fetch data from Odoo 16 E to Salesforce using API

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Contabilità
Magazzino
PoS
Project
MRP

All apps

Tutti gli articoli Persone Badge

Etichette (Mostra tutto)

odoo accounting v14 pos v15

Sul forum

Assistenza

Fetch data from Odoo 16 E to Salesforce using API

javascript

1 Rispondi

1013 Visualizzazioni

D. PARMAR

I am trying to build a custom integration between Salesforce and Odoo 16 Enterprise using a custom module and API key-based authentication.

What I’ve Done:

Created a custom module with a @http.route('/sf/get_products', auth='api_key', type='json', methods=['POST'], csrf=False)
Created a boolean field sfcost on product categories, used to filter products returned in the response
Generated an API key from an Internal User (with Inventory/User access)
Set auth_api_key = True in odoo.conf
Restarted the Odoo service fully

Problem:

Despite all correct headers and method (Authorization: Bearer <key>, Content-Type: application/json, POST), Odoo always returns: odoo.exceptions.AccessDenied: Access Denied

I even created a test route /sf/ping to just return the user name and still get AccessDenied.

Christoph Farnleitner

Can you elaborate on auth='api_key' since that's not actually a thing

Desk Enterprise

hii,

Enable API Key Authentication in odoo.conf

You're correct to set:
auth_api_key = True

Make sure it is not commented out, and Odoo has been restarted after this change.

Use the Correct HTTP Header

For auth='api_key', Odoo expects the header exactly like this:
Authorization: Bearer <API_KEY>

API Key Must Belong to a User with Correct Group Access

You mentioned the user has Inventory / User access. That’s good for product data. But make sure this user also has access to "Technical Features" or is in the group that can access the endpoint logic (e.g., if your route does ORM queries).

Also:

Check that the API key was generated for an Internal user, not a portal or public user.
Confirm the key is still active and tied to the right user.

This is case-sensitive, and no extra space or typo is tolerated.

Test with a minimal route:
@http.route('/sf/ping', auth='api_key', type='json', methods=['POST'], csrf=False)

def ping(self, **kwargs):

return {"user": request.env.user.name}

Test with curl:
curl -X POST https://yourdomain.com/sf/ping \

-H "Authorization: Bearer <your_api_key>" \

-H "Content-Type: application/json" \

-d '{}'

Ti stai godendo la conversazione? Non leggere soltanto, partecipa anche tu!

Crea un account oggi per scoprire funzionalità esclusive ed entrare a far parte della nostra fantastica community!

Registrati

Post correlati	Risposte	Visualizzazioni
Cómo cerrar una transferencia interna al recibirla desde la vista de código de barras stock.picking javascript	0 lug 25	385
Why use the Lazy Translation function _lt() javascript	1 lug 25	5264
How to use ReactJS and Next.js to build a fully customizable, open-source headless frontend for Odoo javascript	0 lug 25	806
Odoo 18 custom event(s) within a JavaScript form controller javascript	0 giu 25	835
How to use multi label switching interface in Odoo Risolto javascript	1 giu 25	1000

La domanda è stata contrassegnata