| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 2265 |
| Technical Name |
eh_mcp_server |
| License | OPL-1 |
| Website | https://erpheritage.com.au |
| Versions | 16.0 17.0 18.0 19.0 |
MCP Server for Odoo
A Model Context Protocol server that runs inside Odoo. Any MCP-compatible AI assistant connects straight to one native endpoint with a URL and a scoped key, no local Python bridge to install. One clean codebase on Odoo 16 to 19, built to the current MCP specification, secure by default.
Why this module
Native MCP. No local bridge.
The AI connects straight to Odoo
The Model Context Protocol is served by an Odoo controller at /mcp over JSON-RPC 2.0. There is no local uvx or Python package sitting between the assistant and Odoo: point any MCP client at the URL, send a scoped key, and it works. Fewer moving parts, nothing to install on the operator's machine.
Built to MCP 2025-11-25 and verified
Capability negotiation, tools with input and output schemas and annotations, resources with working query parameters, prompts with argument completion, pagination cursors, progress and cancellation, and the two-tier error model. Conformance is checked against the reference inspector, not just claimed.
Default-deny, on top of Odoo security
Nothing is exposed until an administrator enables a model and its operations. Calls run as the key's own user, so Odoo access rights and record rules always apply. Every call is authenticated, cross-origin requests are rejected, and a database-backed rate limiter holds across all worker processes.
Day in the life
From install to a connected assistant in two steps
An administrator installs the module, opens MCP Server, enables the models the assistant may touch and the operations allowed on each, then opens Connect AI Assistant and generates a scoped key. The endpoint URL and the key go into any MCP-compatible assistant. From there the assistant can search, read and, where permitted, create or update Odoo records in natural language, always within the permissions of the key's user.
Edge cases
The cases most modules quietly ignore.
In the shipped code today, each one a place where a cheaper module silently does the wrong thing.
The endpoint validates the Origin header and rejects cross-origin browser requests, guarding against DNS-rebinding, rather than trusting any caller that reaches the port.
The client's requested protocol version is negotiated and echoed; an unsupported version header is rejected cleanly instead of failing deep inside a handler.
A blocked model or operation returns a tool execution error the model can read and self-correct on, not an opaque protocol failure, while genuinely unknown tools return a proper protocol error.
Reading a record never fails wholesale because one field is inaccessible or broken; the readable fields are returned and the unreadable ones are dropped, each isolated so the request transaction is never poisoned.
The request rate limiter is backed by the database with an atomic counter, so the configured limit holds across every prefork worker instead of being multiplied by the worker count.
What is inside
Built to do the job, end to end.
- The /mcp controller. One portable http controller parses JSON-RPC 2.0 itself and returns native JSON, so the exact same code runs on Odoo 16, 17, 18 and 19. It owns Origin validation, the session and protocol-version headers, authentication, and the per-request event stream for log and progress notifications.
- Tool, resource and prompt registries. Tools, resources and prompts are registries, each declaring real schemas and annotations. The core ships search, get, list, describe, aggregate, create, update, delete, batch and chatter tools, plus odoo:// resources that accept query parameters and a curated prompt set with completion.
- Permission model and audit. A per-model configuration gates read, create, update and delete; a session registry and a database-backed rate counter live in tables, not per-worker memory; and an audit log records authentication, tool calls, permission denials and rate-limit events with automatic retention.
Honest about the edges
What this does not do, so nothing surprises you.
- Field-level and record-level permissions, dry-run write guardrails, OAuth 2.1, saved reports, long-running tasks and live resource subscriptions are in the free companion module MCP Server Pro. Server-to-client notifications are delivered on a per-request stream; a persistent push channel is a later addition. This module exposes Odoo's data to assistants; it is not itself an AI provider and stores no third-party credentials.
Odoo MCP server, Model Context Protocol Odoo, connect Claude to Odoo, connect ChatGPT to Odoo, Odoo AI assistant integration, MCP native endpoint, Odoo scoped API key, AI tools for Odoo 16 17 18 19, no local bridge MCP
See it in Odoo
The MCP Server app: choose what the AI can touch, connect in two clicks, and audit every call.
Per-model permissionsChoose exactly which models and operations an assistant may use. Default-deny, enforced on top of Odoo's own access rights and record rules.
Connect in two clicksGenerate a scoped key and point any MCP-compatible assistant at the native endpoint. No local bridge, no config files, the key is shown once.
Every call auditedAuthentication, tool calls, permission denials and rate-limit events are recorded with automatic retention, so you can see exactly what the AI did.
Languages
Available in 19 languages
The interface ships translated out of the box. Switch language in Odoo and the fields, menus, and messages follow.
Connect in three steps
Native endpoint, no local bridge. Point any MCP-compatible assistant at one URL with a scoped key.
Full step-by-step setup for Windows, macOS and Linux - Claude Code, Cursor, VS Code, Claude Desktop and n8n - is in the app README.
| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 2265 |
| Technical Name |
eh_mcp_server |
| License | OPL-1 |
| Website | https://erpheritage.com.au |
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module