Skip to Content
You need to be registered to interact with the community.
All Posts People Badges
Ključne besede (View all)
odoo accounting v14 pos v15
About this forum
This question has been flagged
jsonrpcodoo17
3 Odgovori
14966 Prikazi
Avatar
Ids MG

When using JSON-RPC external API, do I need to call the common authenticate method before each object call? It only seems to authenticate and return the user id.

 So if I did that once, can I store that user id and use it for all further object calls? Or is there some kind of expiring session stored on the server I need to be aware of?

Avatar
Opusti
Ids MG
Avtor

I know how authentication works and that there are other techniques that can be used. But I want to minimize the number of authentication calls for JSON-RPC. Does anyone know if that can be done once or needs to be done before each object call?

Ids MG
Avtor

According to Odoo Support:

When using Odoo's JSON-RPC interface, you do not need to execute the authentication call before each object call. The authentication process should be done once to obtain the user ID and a session token, and then you can use these credentials for subsequent calls.

Avatar
Ajin A K
Best Answer

It depends on the specific implementation of the JSON-RPC API you're using. Here's a breakdown of the two common scenarios:

1. Session-based Authentication:

  • In this case, a successful authenticate call establishes a session on the server. This session is identified by a key or token (often not the user ID itself).
  • Subsequent object calls typically require including this session key or token in the request header or as a parameter.
  • This session has an expiration time. You don't need to call authenticate again until the session expires.

2. Token-based Authentication:

  • Here, authenticate might return a JSON Web Token (JWT) or a similar token containing user information and claims.
  • Subsequent object calls would require including this token in the request header (usually as an "Authorization" header).
  • JWTs are self-contained and expire after a set time. You need to re-authenticate (get a new token) before the current one expires.

How to determine which method your API uses?

  • Check the API documentation for details on authentication and authorization.
  • Look for keywords like "session", "token", "JWT", or expiration time.
  • If unsure, consult the API provider's support resources.

Here are some best practices for handling authentication with JSON-RPC APIs:

  • Store tokens securely: If using tokens, store them securely in memory or a secure storage mechanism like the keychain. Avoid storing them in plain text.
  • Refresh tokens before expiry: Monitor token expiry and refresh it before it expires to avoid interruptions in your application.
  • Handle errors gracefully: Implement proper error handling for authentication failures.

By understanding the authentication method and implementing best practices, you can efficiently manage user sessions and keep your JSON-RPC interactions secure.

Avatar
Opusti
Avatar
Ray Carnes (ray)
Best Answer

You need to send an authenticated User ID and Password (or API key) with each request.


Avatar
Opusti
Avatar
Long Duong Nhat
Best Answer 
Hi Ids MG,
Please try using Restful API. Odoo has an endpoint (/web/session/authenticate) to connect to the database and log in.
The API response has more information for you and it will have a session to help you maintain the connection.
Reference source: https://github.com/odoo/odoo/blob/17.0/addons/web/controllers/session.py#L29


Avatar
Opusti
Related Posts Odgovori Prikazi Aktivnost
Odoo JsonRPC : Get m2m, m2o or o2m nested field with read method
odoo jsonrpc odoo17
Avatar
0
feb. 25
1998
Error while posting invoice to ZATCA odoo sh Solved
odoo17
Avatar
Avatar
Avatar
Avatar
3
jul. 25
3163
How to send a real-time notification to POS UI using bus.bus in Odoo 17?
odoo17
Avatar
Avatar
1
jun. 25
5392
Odoo time-sheets rights to add
odoo17
Avatar
Avatar
2
maj 25
3103
POS is not recognizing short barcodes like "95" or "96" (Code 39 or custom short codes)
odoo17
Avatar
1
maj 25
2110