Apex Mobile Biometric API
Secure Odoo backend API for Android apps that need fingerprint, Face Unlock, or device biometric login for multiple users on the same device.
واجهة برمجية آمنة لربط تطبيقات أندرويد مع أودو لتسجيل الدخول بالبصمة أو التحقق الحيوي لأكثر من مستخدم على نفس الجهاز.
No raw fingerprint storage Android Keystore compatible Odoo user mappingMobile API Layer
Odoo verifies cryptographic signatures, not fingerprint images.
What This App Solves
Some Android apps need to login different Odoo users from the same mobile device using biometrics. Android does not expose which raw fingerprint was used, so the correct solution is a biometric-protected device credential and signed challenge flow.
بعض تطبيقات أندرويد تحتاج إلى تسجيل دخول أكثر من مستخدم إلى أودو من نفس الجهاز باستخدام البصمة. أندرويد لا يعطي التطبيق البصمة نفسها، لذلك الحل الصحيح هو استخدام اعتماد آمن محمي بالبصمة وتوقيع تحدي صادر من أودو.
Built for native mobile integration
Credential Registration
Register a public key credential for each Odoo user and Android device.
Signed Challenge Login
Send one-time challenges to Android and verify signed responses in Odoo.
User Auto-Mapping
Identify the correct Odoo user from the verified credential ID.
Audit Logs
Track registration, authentication, failed attempts, device, IP address and app package.
Credential Revocation
Disable mobile credentials from Odoo when a device is lost or access should be removed.
Optional Web Session
After successful verification, the API can finalize an Odoo web session.
Secure Login Flow
Register
User logs in once and registers an Android device credential.
Challenge
Odoo sends a short-lived challenge for the credential.
Biometric
Android verifies fingerprint locally and signs the challenge.
Login
Odoo verifies the signature and returns the matched user.
API Endpoints
Use these JSON-RPC endpoints from your Android app.
| Register Begin | /apex/mobile_biometric/register/begin |
| Register Finish | /apex/mobile_biometric/register/finish |
| Auth Begin | /apex/mobile_biometric/auth/begin |
| Auth Finish | /apex/mobile_biometric/auth/finish |
| Finalize Web Session | /apex/mobile_biometric/auth/finalize |
Important Security Note
This app does not read, store, compare, or expose raw fingerprint data.
Android verifies biometrics locally. Odoo only stores credential metadata and a public key. Login is approved only when the Android app signs the Odoo challenge with the matching private key.
التطبيق لا يقرأ ولا يخزن البصمة نفسها. التحقق يتم داخل جهاز أندرويد، وأودو يتحقق فقط من التوقيع الآمن المرتبط بالمستخدم.
Testing With the Flutter Demo App
Local Network
Use your PC IP address, not localhost. Example: http://192.168.1.12:8090
Demo Flow
Password login, register biometric credential, then test biometric login and check the matched Odoo user.
Full biometric API cycle inside Odoo
These screens show the real backend records created by the Android test app: credential registration, login logs and consumed security challenges.
هذه الشاشات تعرض السجلات الحقيقية التي ينشئها تطبيق أندرويد داخل أودو: تسجيل الاعتماد، سجلات الدخول، وتحديات الأمان المستخدمة.
Click any screenshot to open the full-size preview. اضغط على أي صورة لفتحها بالحجم الكامل.
Registered Mobile Credential
اعتماد الهاتف المسجل
After the first password login, Odoo stores the credential ID, linked user, public key, device UID, app package, platform and usage counters.
بعد تسجيل الدخول بكلمة المرور لأول مرة، يخزن أودو رقم الاعتماد، المستخدم المرتبط، المفتاح العام، بيانات الجهاز، الحزمة، النظام، وعدادات الاستخدام.
Mobile Login Audit Logs
سجلات دخول الهاتف
Odoo keeps a timeline for register begin, register finish, auth begin and auth finish events with status, user, credential, IP address and device data.
يحتفظ أودو بتسلسل زمني لبدء التسجيل، إنهاء التسجيل، بدء التحقق، وإنهاء التحقق مع الحالة والمستخدم والاعتماد وعنوان IP وبيانات الجهاز.
Register Begin Event
حدث بدء التسجيل
This log proves that Odoo created the first registration challenge and captured the Android device name, app package, platform and source IP address.
هذا السجل يثبت أن أودو أنشأ تحدي التسجيل الأول وسجل اسم جهاز أندرويد وحزمة التطبيق والنظام وعنوان IP.
Register Finish Event
حدث إنهاء التسجيل
After Android signs the challenge, Odoo verifies the signature and records a successful credential registration for the selected user.
بعد أن يوقع أندرويد التحدي، يتحقق أودو من التوقيع ويسجل نجاح إنشاء الاعتماد للمستخدم المحدد.
Consumed Security Challenges
تحديات الأمان المستخدمة
Every registration and authentication challenge is short-lived and marked as consumed after use, helping prevent replay attacks.
كل تحدي للتسجيل أو تسجيل الدخول يكون محدود الوقت ويتم وضع علامة مستخدم عليه بعد استعماله، وهذا يساعد على منع إعادة استخدام نفس التوقيع.
Get Android biometric API implementation help
Contact Apex Development for Android integration, Odoo API setup, custom mobile flow, testing help, bug fixes or technical assistance.
Compatible API Price
A professional backend API module for Android biometric login and Odoo user matching.
Price: $100 USD
Send Your Request
Use email for implementation requests, API integration questions, custom Android changes and Odoo version compatibility.
apexdevelopmetodoo@gmail.com
Send EmailQuick Support
Use WhatsApp for quick questions, demos, setup support and fast communication with Apex Development.
Open WhatsApp
https://wa.me/qr/3BZFZUVLXVAAN1
Apex Mobile Biometric API
Secure Android biometric API, signed challenge verification, Odoo user mapping and mobile login audit logs.
| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Lines of code | 550 |
| Technical Name |
apex_mobile_biometric_api |
| License | OPL-1 |
| Website | https://apex-development.com |
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module