Skip to Content

Apex Biometric Security

by
Odoo

58.83

v 18.0 Third Party
Availability
Odoo Online
Odoo.sh
On Premise
Lines of code 1793
Technical Name apex_biometric_login
LicenseOPL-1
Websitehttps://apex.com
Versions 17.0 18.0 19.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Lines of code 1793
Technical Name apex_biometric_login
LicenseOPL-1
Websitehttps://apex.com
Versions 17.0 18.0 19.0
WebAuthn / Passkeys / Biometric Login

Apex Biometric
Security for Odoo

Add a modern, secure, and auditable passkey login flow to Odoo. Users can register trusted devices and authenticate with fingerprint, Face ID, Windows Hello, mobile passkeys, or hardware security keys.

Odoo 18
Backend + Login Page
Passkey Login
Fingerprint / Face ID
Audit Ready
Security Event Logs
Apex Biometric Security
Enterprise Authentication Layer

Secure Odoo login with device-bound passkeys

Apex Biometric Security lets users register passkeys from the user profile and then sign in using supported browser and device authenticators. It is designed for companies that need stronger access control, better identity assurance, and a clear security audit trail.

  • OK Community
  • OK Enterprise On-premise
  • OK Odoo.sh
  • NO Odoo Online
Key Capabilities

Modern security controls for Odoo access

The app does not only add a button to the login page. It provides a full passkey registration, device management, audit logging, and revocation flow.

LOGIN

Passkey Login

Users can authenticate with passkeys using fingerprint, Face ID, Windows Hello, QR-based mobile passkeys, or security keys.

REGISTER

Biometric Registration

Register current device passkeys directly from the Biometric Login tab inside the Odoo user form.

REVOKE

Security Revocation

Passkeys are revoked after sensitive changes such as password change, login change, user archive, or access rights update.

AUDIT

Audit Logs

Track registration, authentication, failed attempts, rejected logins, revoked passkeys, IP, browser, OS, and device details.

CONFIG

Configurable Settings

Control password fallback, audit logging, and trusted device days from Odoo Settings.

ACCESS

Access Group Control

Dedicated Biometric Security group controls who can access biometric menus, settings, passkeys, and logs.

Installation & Access

Activate the app and assign access rights

The first setup step is to install the module, assign the Biometric Security Manager group, then start registering passkeys for authorized users.

1

Activate Apex Biometric Security

Go to Apps, search for the module, then click Activate. The module appears as an application with its own icon and menu.

Activate Apex Biometric Security
2

Grant Biometric Security Manager

Open the user form, go to Access Rights, and assign the Biometric Security Manager role. This controls access to biometric security menus and logs.

Biometric Security Manager group
Device Registration Flow

Register a passkey from the user profile

The user opens the Biometric Login tab, clicks Register This Device Passkey, enters a device name, and completes the browser or Windows security passkey registration flow.

3

Open Biometric Login Tab

The Biometric Login tab appears inside the user form. It contains the registration button, passkey enable checkbox, user handle, passkey count, and a registered passkeys table.

Biometric Login Tab
4

Enter Device Name

When the user clicks Register This Device Passkey, the browser asks for a device nickname. This helps the administrator identify the registered device later.

Passkey device name prompt
5

Choose Where to Save the Passkey

Windows Security or the browser authenticator asks where to save the passkey. The user can choose a phone/tablet passkey, a security key, or other supported authenticator options.

Choose where to save passkey
6

Registration Success

After completing the device verification, Odoo confirms that the passkey was registered successfully. The page can be refreshed to display the new passkey in the registered passkeys list.

Passkey registered successfully
7

Review Registered Passkeys

The passkey list shows the device name, browser, operating system, IP address, sign count, login count, last used time, trusted until date, and active status. This gives administrators visibility over every registered authentication device.

Registered Passkeys List
Biometric Login Flow

Login with passkey, fingerprint, Face ID, or mobile authenticator

The login page keeps the standard Odoo password login but adds a dedicated biometric/passkey login action. Users enter their login first, then choose passkey authentication.

8

Login Page Passkey Button

The user enters their login/email. Then they can click Login with Fingerprint / Face ID. The standard password login remains available based on your configured policy.

Login with fingerprint or Face ID
9

Choose a Passkey

The browser or operating system prompts the user to choose a passkey. This may show mobile devices, security keys, or local platform authenticators depending on the user's environment.

Choose a passkey
10

Scan QR Code with Phone or Tablet

If a mobile passkey is selected, the operating system can show a QR code. The user scans it with their phone or tablet to continue the authentication securely on that device.

Scan QR Code with phone or tablet
11

Device Connected

Once the device connects, the user continues verification on the selected authenticator. After verification, Odoo finalizes the login and creates the authenticated session.

Device connected continue on device
Audit & Monitoring

Full biometric login traceability

Biometric login attempts are recorded in dedicated logs so administrators can review who authenticated, from which device, browser, operating system, and IP address.

Biometric Login Logs

The log view tracks Register Begin, Register Finish, Auth Begin, Auth Finish, Auth Finalize, Auth Failed, Auth Rejected, and Passkey Revoked events. This helps security teams audit access events and investigate unusual activity.

Biometric Login Logs
Advanced Security Policy

Prevent biometric login after password or access changes

A common security gap in biometric login apps is allowing old passkeys to continue working after the password has changed. Apex Biometric Security closes this gap by revoking old passkeys and requiring new registration after sensitive security changes.

  • [OK] Security version validation
  • [OK] Automatic passkey deactivation
  • [OK] Revocation reason tracking
  • [OK] Re-registration required after security changes
  • [OK] Re-check before final login session creation

Change Password

When an administrator changes the user password, all active passkeys are revoked automatically. This prevents biometric login from bypassing the new password policy.

Change password security action

Old Passkey Rejected

After password change, if the user tries to login with the old registered passkey, the app rejects the attempt and asks the user to login with password and register a new passkey.

No active valid passkeys after password change
Process Map

End-to-end security workflow

01
Install

Activate the module from Apps and enable the security menu.

02
Authorize

Assign Biometric Security Manager to allowed users.

03
Register

Register a device passkey from the user profile.

04
Authenticate

Login with biometric / passkey from the login screen.

05
Audit

Review login logs, device data, browser, OS, and IP address.

06
Revoke

Disable passkeys manually or automatically after password changes.

07
Reject Old Keys

Old passkeys are blocked using active state and security version checks.

08
Re-register

User logs in with password and registers a fresh valid passkey.

Technical Overview

Feature Details

A complete technical and functional overview of what the app provides.

WebAuthn Passkeys Uses browser-supported public key credentials for biometric-friendly authentication without storing fingerprint or face data in Odoo.
Device Registration Users can register the current device from the Biometric Login tab inside the Odoo user profile.
Login Page Button Adds a dedicated login button for fingerprint, Face ID, Windows Hello, QR passkeys, and platform authenticator login.
Passkey Storage Stores credential ID, public key, device name, browser, operating system, IP address, sign count, and usage statistics.
Audit Logging Stores registration events, authentication events, rejected access, failed attempts, device metadata, user agent, browser, OS, IP address, and event status.
Trusted Device Days Tracks a trusted-until date for each registered device so administrators can review device trust periods.
Password Change Protection Old passkeys are invalidated after password changes, preventing biometric bypass after admin intervention.
Security Version Validation Each passkey is linked to a user security version. If the user security version changes, old passkeys become invalid.
Security Access Group Restricts biometric security menus and logs to authorized users through the Biometric Security Manager group.

Changelog

Stay up to date with the latest security features and improvements.

v19.0.1.0.0
Initial Release
2026
- Added passkey login with WebAuthn.
- Added user device registration and passkey management.
- Added biometric audit logs.
- Added passkey revocation after sensitive account changes.
- Added security version validation to block old credentials after password changes.
Need Support?

Apex Biometric Security

Advanced biometric login, passkey management, and security audit controls for Odoo. For implementation support, customization, bug fixes, or technical assistance, contact Apex Development.

EMAIL SUPPORT

Send us your request

Use email for implementation requests, technical issues, custom changes, and Odoo version compatibility questions.

Email: apexdevelopmetodoo@gmail.com
Send Email
Subject and body are pre-filled for faster support.
WHATSAPP SUPPORT

Scan QR or open WhatsApp

Use WhatsApp for quick questions, demos, setup support, and fast communication with Apex Development.

Apex WhatsApp QR Code
WhatsApp: https://wa.me/qr/3BZFZUVLXVAAN1
Open WhatsApp
If external links are restricted, scan the QR code or copy the WhatsApp link above.
Odoo 18
Ready
WebAuthn
Passkey Login
Audit Logs
Traceable
Secure Policy
Revocation Flow
Odoo Proprietary License v1.0

This software and associated files (the "Software") may only be used (executed,
modified, executed after modifications) if you have purchased a valid license
from the authors, typically via Odoo Apps, or if you have received a written
agreement from the authors of the Software (see the COPYRIGHT file).

You may develop Odoo modules that use the Software as a library (typically
by depending on it, importing it and using its resources), but without copying
any source code or material from the Software. You may distribute those
modules under the license of your choice, provided that this license is
compatible with the terms of the Odoo Proprietary License (For example:
LGPL, MIT, or proprietary licenses similar to this one).

It is forbidden to publish, distribute, sublicense, or sell copies of the Software
or modified copies of the Software.

The above copyright notice and this permission notice must be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.