Skip to Content
Odoo Menu
  • Sign in
  • Try it free
  • Apps
    Finance
    • Accounting
    • Invoicing
    • Expenses
    • Spreadsheet (BI)
    • Documents
    • Sign
    Sales
    • CRM
    • Sales
    • POS Shop
    • POS Restaurant
    • Subscriptions
    • Rental
    Websites
    • Website Builder
    • eCommerce
    • Blog
    • Forum
    • Live Chat
    • eLearning
    Supply Chain
    • Inventory
    • Manufacturing
    • PLM
    • Purchase
    • Maintenance
    • Quality
    Human Resources
    • Employees
    • Recruitment
    • Time Off
    • Appraisals
    • Referrals
    • Fleet
    Marketing
    • Social Marketing
    • Email Marketing
    • SMS Marketing
    • Events
    • Marketing Automation
    • Surveys
    Services
    • Project
    • Timesheets
    • Field Service
    • Helpdesk
    • Planning
    • Appointments
    Productivity
    • Discuss
    • Approvals
    • IoT
    • VoIP
    • Knowledge
    • WhatsApp
    Third party apps Odoo Studio Odoo Cloud Platform
  • Industries
    Retail
    • Book Store
    • Clothing Store
    • Furniture Store
    • Grocery Store
    • Hardware Store
    • Toy Store
    Food & Hospitality
    • Bar and Pub
    • Restaurant
    • Fast Food
    • Guest House
    • Beverage Distributor
    • Hotel
    Real Estate
    • Real Estate Agency
    • Architecture Firm
    • Construction
    • Property Management
    • Gardening
    • Property Owner Association
    Consulting
    • Accounting Firm
    • Odoo Partner
    • Marketing Agency
    • Law firm
    • Talent Acquisition
    • Audit & Certification
    Manufacturing
    • Textile
    • Metal
    • Furnitures
    • Food
    • Brewery
    • Corporate Gifts
    Health & Fitness
    • Sports Club
    • Eyewear Store
    • Fitness Center
    • Wellness Practitioners
    • Pharmacy
    • Hair Salon
    Trades
    • Handyman
    • IT Hardware & Support
    • Solar Energy Systems
    • Shoe Maker
    • Cleaning Services
    • HVAC Services
    Others
    • Nonprofit Organization
    • Environmental Agency
    • Billboard Rental
    • Photography
    • Bike Leasing
    • Software Reseller
    Browse all Industries
  • Community
    Learn
    • Tutorials
    • Documentation
    • Certifications
    • Training
    • Blog
    • Podcast
    Empower Education
    • Education Program
    • Scale Up! Business Game
    • Visit Odoo
    Get the Software
    • Download
    • Compare Editions
    • Releases
    Collaborate
    • Github
    • Forum
    • Events
    • Translations
    • Become a Partner
    • Services for Partners
    • Register your Accounting Firm
    Get Services
    • Find a Partner
    • Find an Accountant
      • Get a Tailored Demo
    • Implementation Services
    • Customer References
    • Support
    • Upgrades
    Github Youtube Twitter Linkedin Instagram Facebook Spotify
    +32 2 290 34 90
    • Get a Tailored Demo
  • Pricing
  • Help
  1. APPS
  2. Attendances
  3. Door Access Control v 18.0
  4. Sales Conditions FAQ

Door Access Control

by ERP Heritage https://www.erpheritage.com.au/
Odoo
v 18.0 Third Party 44
Download for v 18.0 Deploy on Odoo.sh
Apps purchases are linked to your Odoo account, please sign in or sign up first.
Versions 16.0 17.0 18.0 19.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies • Attendances (hr_attendance)
• Discuss (mail)
• Employees (hr)
Community Apps Dependencies Show
• Attendance Suite Base
• EH HR Platform Core
• Face Kiosk Attendance
• EH HR Compatibility
Lines of code 4770
Technical Name eh_hr_attendance_access_control
LicenseLGPL-3
Websitehttps://www.erpheritage.com.au/
Versions 16.0 17.0 18.0 19.0
ERP Heritage · HR Platform
Physical access control for the attendance kiosk

Door Access Control for Odoo 18

When an authorised employee matches at the kiosk, the door unlocks and an audit row is written. Every time, whatever the outcome.

Free · LGPL-3Odoo 18 CommunityLGPL-3 source on diskv1.0.0
Face match to door unlock
Per employee per zone permissions
HTTP webhook reader protocol
Append-only access audit
Bearer token on every call

Why this module

Door Access Control for Odoo 18

Real mechanism

The unlock is gated, the audit is not

The controller resolves the employee, the device's zone, and the active reader, checks the permission window, then calls the webhook. An event row is written on every path: allowed, denied for no permission, reader denied, reader error, no reader, no zone. You always see what happened.

Vendor neutral

One reader protocol, any hardware behind it

The module POSTs a JSON unlock command to a configured URL with an optional bearer token and a configurable timeout. Relay, Wiegand, MQTT, or a proprietary board all sit behind a one page bridge that exposes that endpoint. The Odoo side stays hardware agnostic.

Operations safe

Door delays never slow the kiosk

The kiosk fires the unlock as a side effect of the match and forgets the result. The employee already has their success screen; the access outcome lands in the audit trail. Slow or unreachable door hardware cannot stall the visible attendance flow.

Day in the life

A normal morning at the side entrance

An employee looks at the kiosk by the side door and the match succeeds. The kiosk quietly POSTs the employee id to the access trigger. The module finds the zone for that kiosk site, confirms the person has an active permission inside its valid window, and POSTs an unlock to the reader's bridge with a five second auto relock. The relay fires, the bridge returns 200, and an event row records allowed with the reader's reply and 180 ms elapsed. A contractor whose permission lapsed yesterday matches at the same door; the unlock never fires and the row reads denied. At month end the retention cron trims events older than the company's horizon, a few thousand at a time.

Edge cases

The cases most modules quietly ignore.

In the shipped code today, each one a place where a cheaper module silently does the wrong thing.

Outcome taxonomy

Six outcomes are distinguished and stored, not collapsed into pass or fail: allowed, denied for no permission, reader denied, reader error, no reader for zone, no zone for site. The reader response text and elapsed milliseconds are kept alongside.

Permission window

A permission only opens the door when active and inside its valid from and valid to dates. is_currently_valid is checked at trigger time, so a lapsed or not yet started grant is treated as denied rather than ignored.

Audit immutability

Access events carry no write permission for any role; the timestamp and fields are readonly. Managers and auditors read, admins read and create and unlink, nobody edits a recorded outcome.

Cron isolation

The retention sweep walks each company with its own retention horizon, deletes in capped batches, and reports progress through _commit_progress so a long sweep stays inside its scheduler budget.

Cross company guard

The trigger rejects an employee whose company does not match the calling device's company, and four global record rules scope zones, readers, permissions, and events to company_ids.

Token and rate limits

The public endpoint requires a valid kiosk device token or returns 401, and is rate limited per token or client IP to 60 hits before returning 429. A malformed body or non integer employee id returns 400.

Reader failure handling

A network failure or 5xx is recorded as reader error with the captured message, a 4xx as reader denied, and a 2xx as allowed. The reader's last status, last response, and last unlock time are written back for diagnosis.

What is inside

Built to do the job, end to end.

  • Four models, one clear chain. Zone is a named controlled space tied to one or more kiosk sites. Reader is the bridge endpoint with URL, optional bearer token, timeout, and auto relock. Permission is employee plus zone plus an optional date window. Event is the append-only audit row per attempt.
  • Public trigger endpoint. A token authenticated POST route resolves the device, employee, zone, and active reader, validates the permission, calls the webhook, and creates the event. It returns a small JSON body with the outcome, reader name, event id, and elapsed time.
  • Kiosk hook and reader test. A JavaScript hook wraps the face match fetch and fires the unlock on success without blocking the screen. A test unlock button on the reader form lets you confirm the bridge is reachable and authorised during commissioning.
  • Security and retention. Per company record rules on all four models, role based access where events stay readonly, a unique permission row per employee and zone, zone code format validation, and a daily retention cron with a per company day horizon.

Honest about the edges

What this does not do, so nothing surprises you.

  • Ships one reader protocol only, HTTP webhook. Relay, Wiegand, MQTT, or proprietary boards require a small bridge service you run in front of your hardware that exposes an HTTP endpoint. The bridge is not included.
  • The unlock is triggered by a successful face match at the kiosk, so the module depends on the ERP Heritage face kiosk and attendance base. It is not a standalone badge reader or card access system.
  • When a kiosk site maps to more than one zone, the first active zone wins. Multiple zones per single site is not yet resolved per reader.
  • The kiosk fires the unlock fire and forget. The door outcome is recorded in the audit trail, not surfaced as a block or retry on the kiosk success screen.
  • Targets Odoo 18 Community. No cross version guarantee is made here for other releases.
Search

odoo 18 door access control, biometric door unlock odoo, face recognition access control, hr attendance access control, kiosk door unlock integration, per employee zone permissions, webhook door controller odoo, wiegand relay bridge odoo, access event audit trail, multi company access control, odoo 18 community attendance, physical access control module

Work with ERP Heritage

Need this fitted to the way you work?

ERP Heritage delivers end to end Odoo work: Odoo Implementation, Customization and Development, Integration, Migration, Consultation, Support and Training. We help teams put this module into production, shape it to their process, and keep it running.

Build and tailor
Odoo Implementation, Customization and Development, scoped to your workflow.
Connect and move
Odoo Integration and Migration across systems and Odoo versions.
Run and support
Odoo Support and Training so your team stays productive after go live.
Plan and advise
Odoo Consultation and ERP Consulting, from discovery to roadmap.

We work with businesses across Australia (Melbourne, Sydney, Brisbane, Perth, Adelaide, Canberra) and the Middle East (Dubai, Abu Dhabi, Riyadh, Jeddah, Doha, Kuwait City, Muscat). Start a conversation at erpheritage.com.au or email info@erpheritage.com.au.

ERP Heritage

Production-grade Odoo HR, built to an engineering bar and documented honestly. Support: info@erpheritage.com.au
Developed by ERP Heritage - Top Odoo Partner

v1.0.0 · LGPL-3 · Odoo 18 Community

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.
Community
  • Tutorials
  • Documentation
  • Forum
Open Source
  • Download
  • Github
  • Runbot
  • Translations
Services
  • Odoo.sh Hosting
  • Support
  • Upgrade
  • Custom Developments
  • Education
  • Find an Accountant
  • Find a Partner
  • Become a Partner
About us
  • Our company
  • Brand Assets
  • Contact us
  • Jobs
  • Events
  • Podcast
  • Blog
  • Customers
  • Legal • Privacy
  • Security

Odoo is a suite of open source business apps that cover all your company needs: CRM, eCommerce, accounting, inventory, point of sale, project management, etc.

Odoo's unique value proposition is to be at the same time very easy to use and fully integrated.

Website made with