REST API
This is a guide on how to access enabled Odoo instances on Amberisk's Servers or on your own hosted instance..
Getting Started
Authenticating users
Before making any request make sure to login and obtain session_id(This will act as your Authentication token), Send all your requests with session_id as a parameter for authentication. There are two ways to obtain session_id, the first one is using /web/session/authenticate/ route and the second one is using /auth/ route.
-
Using
/web/session/authenticate/routeSend a POST request with JSON body as shown below.
POST /web/session/authenticate/Request Body
{ "jsonrpc": "2.0", "params": { "login": "your@email.com", "password": "your_password", "db": "database_name" } }Obtain
session_idfrom a cookie created(Not the one from a response). It'll be a long string something like "62dd55784cb0b1f69c584f7dc1eea6f587e32570", Then you can use this as a parameter to all requests. -
Using
/auth/routeIf you have set the default database then you can simply use
/authroute to do authentication asPOST /auth/Request Body
{ "params": { "login": "your@email.com", "password": "your_password", "db": "your_db_name" } }Use
session_idfrom the response as a parameter to all requests.
Note: For security reasons, in production don't send session_id as a parameter, use a cookie instead.
Examples showing how to obtain session_id and use it
Using
/web/session/authenticate/
route for authentication
import json
import requests
import sys
AUTH_URL = 'http://xxxxx.trustee.app/web/session/authenticate/'
headers = {'Content-type': 'application/json'}
# Remember to configure default db on odoo configuration file(dbfilter = ^db_name$)
# Authentication credentials
data = {
'params': {
'login': 'your@email.com',
'password': 'your_password',
'db': 'your_db_name'
}
}
# Authenticate user
res = requests.post(
AUTH_URL,
data=json.dumps(data),
headers=headers
)
# Get session_id from the response cookies
# We are going to use this as our API key
session_id = res.cookies.get('session_id', '')
# Example 1
# Get users
USERS_URL = 'http://xxxx.trustee.app/api/res.users/'
# Pass session_id for auth
# This will take time since it retrives all res.users fields
# You can use query param to fetch specific fields
params = {'session_id': session_id}
res = requests.get(
USERS_URL,
params=params
)
# This will be a very long response since it has many data
print(res.text)
# Example 2
# Get products(assuming you have products in you db)
# Here am using query param to fetch only product id and name(This will be faster)
USERS_URL = 'http://localhost:8069/api/product.product/'
# Pass session_id for auth
params = {'session_id': session_id, 'query': '{id, name}'}
res = requests.get(
USERS_URL,
params=params
)
# This will be small since we've retrieved only id and name
print(res.text)
Using
/auth/
route for authentication
import json
import requests
AUTH_URL = 'http://xxxx.trustee.app/auth/'
headers = {'Content-type': 'application/json'}
# Remember to configure default db on odoo configuration file(dbfilter = ^db_name$)
# Authentication credentials
data = {
'params': {
'login': 'your@email.com',
'password': 'your_password',
'db': 'your_db_name'
}
}
# Authenticate user
res = requests.post(
AUTH_URL,
data=json.dumps(data),
headers=headers
)
# Get session_id from the response
# We are going to use this as our API key
session_id = json.loads(res.text)['result']['session_id']
# Example 1
# Get users
USERS_URL = 'http://xxxx.trustee.app/api/res.users/'
# Pass session_id for auth
# This will take time since it retrives all res.users fields
# You can use query param to fetch specific fields
params = {'session_id': session_id}
res = requests.get(
USERS_URL,
params=params
)
# This will be a very long response since it has many data
print(res.text)
# Example 2
# Get products(assuming you have products in you db)
# Here am using query param to fetch only product id and name(This will be faster)
USERS_URL = 'http://localhost:8069/api/product.product/'
# Pass session_id for auth
params = {'session_id': session_id, 'query': '{id, name}'}
res = requests.get(
USERS_URL,
params=params
)
# This will be small since we've retrieved only id and name
print(res.text)
Avoiding to send
session_id
as a parameter for security reasons
When authenticating users, you can use a cookie instead of sending session_id as a parameter, this method is recommended in production for security reasons, below is the example showing how to use a cookie.
import json
import requests
import sys
AUTH_URL = 'http://xxxx.trustee.app/web/session/authenticate/'
headers = {'Content-type': 'application/json'}
# Remember to configure default db on odoo configuration file(dbfilter = ^db_name$)
# Authentication credentials
data = {
'params': {
'login': 'your@email.com',
'password': 'your_password',
'db': 'your_db_name'
}
}
# Authenticate user
res = requests.post(
AUTH_URL,
data=json.dumps(data),
headers=headers
)
# Get response cookies
# We will use this to authenticate user
cookies = res.cookies
# Example 1
# Get users
USERS_URL = 'http://xxxx.trustee.app/api/res.users/'
# This will take time since it retrives all res.users fields
# You can use query param to fetch specific fields
res = requests.get(
USERS_URL,
cookies=cookies # Here we are sending cookies instead of `session_id`
)
# This will be a very long response since it has many data
print(res.text)
# Example 2
# Get products(assuming you have products in you db)
# Here am using query param to fetch only product id and name(This will be faster)
USERS_URL = 'http://amicus.trustee.app/api/product.product/'
# Use query param to fetch only id and name
params = {'query': '{id, name}'}
res = requests.get(
USERS_URL,
params=params,
cookies=cookies # Here we are sending cookies instead of `session_id`
)
# This will be small since we've retrieved only id and name
print(res.text)