Auth Api Key

Authenticate http requests from an API key

Technical Name:
  • Odoo Version

Terms and Conditions

Auth Api Key

Beta License: LGPL-3 OCA/server-auth Translate me on Weblate Try me on Runbot

Authenticate http requests from an API key.

API keys are codes passed in (in the http header API-KEY) by programs calling an API in order to identify -in this case- the calling program's user.

Take care while using this kind of mechanism since information into http headers are visible in clear. Thus, use it only to authenticate requests from known sources. For unknown sources, it is a good practice to filter out this header at proxy level.

Table of contents


The api key must be provided by the configuration parameter named 'api_key_*.key', and the user under the same option 'api_key_*.user'.

For instance :


To apply this authentication system to your http request you must set 'api_key' as value for the 'auth' parameter of your route definition into your controller.

Bug Tracker

Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed feedback.

Do not contact contributors directly about support or help with technical issues.






This module is maintained by the OCA.

Odoo Community Association

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.

This module is part of the OCA/server-auth project on GitHub.

You are welcome to contribute. To learn how please visit

This is a preview of the recently viewed products by the user.
Once the user has seen at least one product this snippet will be visible.

Recently viewed Products