From 55330d391e213325cb338387f0c5706f7ad87c11 Mon Sep 17 00:00:00 2001
From: thien <thienvh@trobz.com>
Date: Thu, 10 Oct 2024 15:03:30 +0700
Subject: [PATCH] [UDP] auth_api_key: Update description for reason to keep
 this module

---
 auth_api_key/readme/DESCRIPTION.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/auth_api_key/readme/DESCRIPTION.md b/auth_api_key/readme/DESCRIPTION.md
index 6d09ff29d8..4cac579599 100644
--- a/auth_api_key/readme/DESCRIPTION.md
+++ b/auth_api_key/readme/DESCRIPTION.md
@@ -10,3 +10,10 @@ from known sources.
 
 For unknown sources, it is a good practice to filter out this header at
 proxy level.
+
+Odoo allows users to authenticate `XMLRPC/JSONRPC` calls using their API key instead of a password by native API keys (`res.users.apikey`). However, `auth_api_key` has some special features of its own such as:
+- API keys remain usable even when the user is inactive, if enabled via settings (e.g., for system users in a shopinvader case).
+- Supports dual authentication via Basic Auth and API_KEY in separate HTTP headers.
+- Admins can manage API keys for all users
+
+Given these advantages, particularly in use case like system user authentication, we have decided to keep the `auth_api_key` module
\ No newline at end of file