Skip to Content
Odoo Menu
  • Sign in
  • Try it free
  • Apps
    Finance
    • Accounting
    • Invoicing
    • Expenses
    • Spreadsheet (BI)
    • Documents
    • Sign
    Sales
    • CRM
    • Sales
    • POS Shop
    • POS Restaurant
    • Subscriptions
    • Rental
    Websites
    • Website Builder
    • eCommerce
    • Blog
    • Forum
    • Live Chat
    • eLearning
    Supply Chain
    • Inventory
    • Manufacturing
    • PLM
    • Purchase
    • Maintenance
    • Quality
    Human Resources
    • Employees
    • Recruitment
    • Time Off
    • Appraisals
    • Referrals
    • Fleet
    Marketing
    • Social Marketing
    • Email Marketing
    • SMS Marketing
    • Events
    • Marketing Automation
    • Surveys
    Services
    • Project
    • Timesheets
    • Field Service
    • Helpdesk
    • Planning
    • Appointments
    Productivity
    • Discuss
    • Approvals
    • IoT
    • VoIP
    • Knowledge
    • WhatsApp
    Third party apps Odoo Studio Odoo Cloud Platform
  • Industries
    Retail
    • Book Store
    • Clothing Store
    • Furniture Store
    • Grocery Store
    • Hardware Store
    • Toy Store
    Food & Hospitality
    • Bar and Pub
    • Restaurant
    • Fast Food
    • Guest House
    • Beverage Distributor
    • Hotel
    Real Estate
    • Real Estate Agency
    • Architecture Firm
    • Construction
    • Property Management
    • Gardening
    • Property Owner Association
    Consulting
    • Accounting Firm
    • Odoo Partner
    • Marketing Agency
    • Law firm
    • Talent Acquisition
    • Audit & Certification
    Manufacturing
    • Textile
    • Metal
    • Furnitures
    • Food
    • Brewery
    • Corporate Gifts
    Health & Fitness
    • Sports Club
    • Eyewear Store
    • Fitness Center
    • Wellness Practitioners
    • Pharmacy
    • Hair Salon
    Trades
    • Handyman
    • IT Hardware & Support
    • Solar Energy Systems
    • Shoe Maker
    • Cleaning Services
    • HVAC Services
    Others
    • Nonprofit Organization
    • Environmental Agency
    • Billboard Rental
    • Photography
    • Bike Leasing
    • Software Reseller
    Browse all Industries
  • Community
    Learn
    • Tutorials
    • Documentation
    • Certifications
    • Training
    • Blog
    • Podcast
    Empower Education
    • Education Program
    • Scale Up! Business Game
    • Visit Odoo
    Get the Software
    • Download
    • Compare Editions
    • Releases
    Collaborate
    • Github
    • Forum
    • Events
    • Translations
    • Become a Partner
    • Services for Partners
    • Register your Accounting Firm
    Get Services
    • Find a Partner
    • Find an Accountant
      • Get a Tailored Demo
    • Implementation Services
    • Customer References
    • Support
    • Upgrades
    Github Youtube Twitter Linkedin Instagram Facebook Spotify
    +32 2 290 34 90
    • Get a Tailored Demo
  • Pricing
  • Help
  1. APPS
  2. Attendances
  3. Attended Face Capture v 17.0
  4. Sales Conditions FAQ

Attended Face Capture

by ERP Heritage https://www.erpheritage.com.au/
Odoo
v 17.0 Third Party 40
Download for v 17.0 Deploy on Odoo.sh
Apps purchases are linked to your Odoo account, please sign in or sign up first.
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies • Attendances (hr_attendance)
• Discuss (mail)
• Employees (hr)
Community Apps Dependencies Show
• Attendance Suite Base
• EH HR Platform Core
• Face Kiosk Attendance
• EH HR Compatibility
Lines of code 4541
Technical Name eh_hr_face_liveness
LicenseLGPL-3
Websitehttps://www.erpheritage.com.au/
Versions 16.0 17.0 18.0 19.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies • Attendances (hr_attendance)
• Discuss (mail)
• Employees (hr)
Community Apps Dependencies Show
• Attendance Suite Base
• EH HR Platform Core
• Face Kiosk Attendance
• EH HR Compatibility
Lines of code 4541
Technical Name eh_hr_face_liveness
LicenseLGPL-3
Websitehttps://www.erpheritage.com.au/
Versions 16.0 17.0 18.0 19.0
ERP Heritage · HR Platform
ERP Heritage / HR Attendance

Attended Face Capture

An auditable record of every face-kiosk capture attempt, recorded as the browser reports it. An attendance and audit layer, not a server-verified anti-spoofing control.

Free · LGPL-3FreeLGPL-3v1.0.0
Kiosk capture prompt
Client-asserted outcome
Token-authed endpoints
Rate-limited logging
Per-company retention

Why this module

Attended Face Capture

01 / HONEST

What it is, and what it is not

The capture outcome is computed in the browser and recorded as reported. The server does no liveness detection, no anti-spoofing, and no ML verification. Anyone who controls the device can report any outcome, and a printed photo held to the camera is not detected. The module ships this disclaimer in the manifest and on every record, because a recorded passed outcome is not proof of a real person.

02 / AUDITABLE

One row per attempt, read-only

Every kiosk attempt writes an eh.hr.liveness.check row carrying the client-asserted outcome, the prompt shown, the duration, the reported blink count, the fail reason, the kiosk device, and the site. Records are create-and-read only in the UI, flagged client-asserted, and scoped to the company, so the attendance trail stands up as dispute evidence.

03 / OWNERSHIP

Yours to keep

LGPL-3 source on disk. No activation key, no phone-home, no recurring licence. It layers on the ERP Heritage face kiosk and attendance base, reuses their device tokens and rate limiter, and is the attendance-audit layer beneath a genuine liveness model, not a substitute for one.

Day in the life

A payroll officer settles a contested clock-in.

An employee disputes a kiosk check-in time. The officer opens Attended captures, filters to that site and day, and finds the row: outcome as reported by the browser, the prompt that was shown, the reported blink count, the duration the client ran before reporting, the kiosk device, and a matching kiosk event in the audit trail. The record is read-only and flagged client-asserted, so it is clear evidence of what the kiosk reported at that moment, without anyone being able to claim the row was edited after the fact. The capture itself proves a prompt was answered on that device, not that a live person was present, and the officer treats it exactly that way.

Edge cases

The cases most modules quietly ignore.

In the shipped code today, each one a place where a cheaper module silently does the wrong thing.

TRUTH IN LABELLING

Every record carries client_asserted = True and an outcome help text stating the server does not verify the result. The model description and manifest summary both say plainly this is not a liveness or anti-spoofing result, only a record of what the kiosk client reported.

RETENTION / CRON ISOLATION

The daily retention sweep walks each company on its own eh_hr_liveness_retention_days horizon, defaulting to 180 days, and deletes only rows past that company's cutoff. It honours a shared batch_limit across companies so one tenant cannot starve another, and reports progress through ir.cron._commit_progress so the cron stays isolated.

TOKEN AUTH / SCOPING

Both endpoints require a valid X-EH-Kiosk-Token resolving to an active kiosk terminal, returning 401 otherwise. The recorded company and site are taken from the authenticated device, never from the request body, so a client cannot write a row into another company.

RATE LIMITING

The config and log endpoints are throttled per token, or per client IP when no token is present, through the shared eh.hr.rate.limit service, returning 429 when a caller exceeds budget so a misbehaving or hostile device cannot flood the audit table.

INPUT VALIDATION

The log endpoint rejects a malformed JSON body with 400 and accepts only the three outcomes passed, failed, or aborted, rejecting anything else with 400. Free-text prompt and fail-reason fields are truncated to 255 characters before storage.

GRACEFUL DEGRADATION

If the kiosk cannot load the in-browser face model or the camera is denied, the client reports failed or aborted with a reason rather than blocking the employee, and the kiosk check-in flow continues. The disabled state and any config error fall through to allow check-in.

What is inside

Built to do the job, end to end.

  • eh.hr.liveness.check model. One row per attempt: outcome (passed, failed, aborted), recorded-on timestamp, prompt shown, duration in ms, reported blink count, fail reason, kiosk device, site, optional employee, and company. Outcome is indexed, the row is read-only and flagged client-asserted, and a computed reference names it by outcome, employee, and time.
  • Kiosk capture prompt. A capture screen is injected into the face kiosk shell that asks the user to blink, shows a live progress counter against the configured prompt, and on completion records the result. The prompt text and required blink count are driven by per-company settings served to the device.
  • Config and log endpoints. /eh_hr/kiosk/liveness/config returns the per-company enabled flag, prompted blink count, and timeout to an authenticated device. /eh_hr/kiosk/liveness/log records the reported outcome, throttled, and writes a paired kiosk event tagged liveness_pass or liveness_fail into the existing kiosk audit trail.
  • Per-company settings. Settings on res.company, surfaced in res.config.settings: enable the capture prompt, set prompted blinks, set the capture timeout in ms, and set the retention horizon in days. All default to safe values and the feature ships disabled.
  • Retention sweep cron. A daily ir.cron runs _cron_retention_sweep, deleting attended-capture rows older than each company's retention horizon under a shared batch limit, with progress committed through the cron framework.
  • Security and views. A global ir.rule scopes records to the user's companies. ACLs grant read to HR manager, admin, and auditor groups, with no UI write or create and unlink reserved to admin. A read-only list, search with outcome, site, and day grouping, and a menu under Attendances expose the audit trail, defaulting to today.

Honest about the edges

What this does not do, so nothing surprises you.

  • Not an anti-spoofing or liveness-verification control. The outcome is computed entirely in the browser and recorded as reported. The server does no detection. A printed photo or a screen held to the camera is not detected, and anyone who controls the device can report any outcome.
  • A recorded passed outcome is not proof that a live person was present. Treat it as an attendance audit record, not as identity or presence assurance.
  • Employee linkage is optional and is set by the kiosk only after a separate face match identifies the employee. This module does not perform the face match.
  • The in-browser blink prompt depends on the face model and camera being available on the kiosk device. If they are not, the attempt is recorded as failed or aborted and check-in continues.
  • Requires the ERP Heritage face kiosk and attendance base modules. It is a layer on that kiosk, not a standalone attendance system.
  • Targets Odoo 17 Community. No cross-version guarantees are made here.
Search

Odoo 17 face attendance, kiosk check-in audit, face kiosk attendance record, hr_attendance face capture, attendance dispute evidence, Odoo Community HR kiosk, attended face capture, kiosk capture log, per-company attendance retention, blink prompt kiosk

ERP Heritage

Production-grade Odoo accounting, built to an engineering bar and documented honestly. Support: info@erpheritage.com.au
Developed by Odoo Consultant Sydney

v1.0.0 · LGPL-3 · Odoo 17 Community

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.
Community
  • Tutorials
  • Documentation
  • Forum
Open Source
  • Download
  • Github
  • Runbot
  • Translations
Services
  • Odoo.sh Hosting
  • Support
  • Upgrade
  • Custom Developments
  • Education
  • Find an Accountant
  • Find a Partner
  • Become a Partner
About us
  • Our company
  • Brand Assets
  • Contact us
  • Jobs
  • Events
  • Podcast
  • Blog
  • Customers
  • Legal • Privacy
  • Security

Odoo is a suite of open source business apps that cover all your company needs: CRM, eCommerce, accounting, inventory, point of sale, project management, etc.

Odoo's unique value proposition is to be at the same time very easy to use and fully integrated.

Website made with