I am trying to build a custom integration between *Salesforce and Odoo 16 Enterprise* using a custom module and *API key-based authentication*. What I’ve Done: Created a custom module with a @http.route('/sf/get_products', auth='api_key', type='json', methods=['POST'], csrf=False) Created a boolean field sfcost on product categories, used to filter products returned in the response Generated an API key from an *Internal User* (with Inventory/User access) Set auth_api_key = True in odoo.conf

Fetch data from Odoo 16 E to Salesforce using API

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Financeiro
Inventário
PoS
Project
MRP

All apps

Todas as publicações Pessoas Emblemas

Marcadores (Ver tudo)

odoo accounting v14 pos v15

Sobre este fórum

Ajuda

Fetch data from Odoo 16 E to Salesforce using API

javascript

1 Responder

295 Visualizações

D. PARMAR

I am trying to build a custom integration between Salesforce and Odoo 16 Enterprise using a custom module and API key-based authentication.

What I’ve Done:

Created a custom module with a @http.route('/sf/get_products', auth='api_key', type='json', methods=['POST'], csrf=False)
Created a boolean field sfcost on product categories, used to filter products returned in the response
Generated an API key from an Internal User (with Inventory/User access)
Set auth_api_key = True in odoo.conf
Restarted the Odoo service fully

Problem:

Despite all correct headers and method (Authorization: Bearer <key>, Content-Type: application/json, POST), Odoo always returns: odoo.exceptions.AccessDenied: Access Denied

I even created a test route /sf/ping to just return the user name and still get AccessDenied.

Christoph Farnleitner

Can you elaborate on auth='api_key' since that's not actually a thing

Desk Enterprise

hii,

Enable API Key Authentication in odoo.conf

You're correct to set:
auth_api_key = True

Make sure it is not commented out, and Odoo has been restarted after this change.

Use the Correct HTTP Header

For auth='api_key', Odoo expects the header exactly like this:
Authorization: Bearer <API_KEY>

API Key Must Belong to a User with Correct Group Access

You mentioned the user has Inventory / User access. That’s good for product data. But make sure this user also has access to "Technical Features" or is in the group that can access the endpoint logic (e.g., if your route does ORM queries).

Also:

Check that the API key was generated for an Internal user, not a portal or public user.
Confirm the key is still active and tied to the right user.

This is case-sensitive, and no extra space or typo is tolerated.

Test with a minimal route:
@http.route('/sf/ping', auth='api_key', type='json', methods=['POST'], csrf=False)

def ping(self, **kwargs):

return {"user": request.env.user.name}

Test with curl:
curl -X POST https://yourdomain.com/sf/ping \

-H "Authorization: Bearer <your_api_key>" \

-H "Content-Type: application/json" \

-d '{}'

Está gostando da discussão? Não fique apenas lendo, participe!

Crie uma conta hoje mesmo para aproveitar os recursos exclusivos e interagir com nossa incrível comunidade!

Publicações relacionadas	Respostas	Visualizações
How to use multi label switching interface in Odoo Resolvido javascript	1 jun. 25	339
Error: Missing type for doActionButton request javascript	1 mai. 25	859
My website is still not indexing properly despite implementing all recommended changes in Odoo, including modifying the head code and updating the Robots.txt file. It has been several days, yet the issue persists. javascript	0 mar. 25	511
Caused by: TypeError: Cannot read properties of undefined (reading 'name') javascript	1 dez. 24	3145
odoo template inheritance javascript	2 nov. 24	1303

Esta pergunta foi sinalizada