MCP Server for Odoo
Key Features:
- Native MCP protocol: Streamable HTTP transport, JSON-RPC 2.0, protocol version negotiation (2025-11-25 / 2024-11-05).
- Dual authentication: Bearer token (Odoo API key) and HTTP Basic auth (login / password). Brute-force protection with per-IP lockout.
- Full CRUD toolset: search, read, create, write, unlink, count, default_get, method_call, list_modules, list_companies, all configurable from the UI.
- MCP Resources: expose system info, model field schemas, per-model access info, module metadata, and individual record data as structured resources discoverable by the AI.
- Custom Prompts: admin-managed global prompts and user-created personal prompt templates with named argument substitution.
- Odoo-native ACL: the same access rights the user has in the browser are enforced for every MCP operation. No privilege escalation possible.
- Per-model MCP overrides: optional Access Control records let admins further restrict models: limit operations, filter fields, block methods, restrict groups.
- Full audit trail: every MCP request is logged with user, session, method, tool name, IP address, duration, and response status. Configurable retention.
- Session management: TTL-based MCP sessions with automatic expiry and manual termination via the DELETE endpoint.
- Rate limiting: per-user configurable request rate cap.
- IP filtering: allow-list or deny-list strategy with CIDR support.
- Timezone-aware datetimes: reads return values in the user's local timezone; writes accept local-timezone strings and convert to UTC automatically, mirroring browser behaviour.
How It Works
After installing the module, Odoo exposes a single MCP endpoint at /mcp.
Any MCP-compatible AI client (Claude Desktop, Cursor, VS Code with the MCP extension, etc.)
can connect using your Odoo URL, an API key or login credentials, and start interacting
with your ERP data through natural language.
The AI discovers available tools, resources, and prompts automatically through the MCP protocol's capability exchange. It can then search records, read field values, create or update data, and call business methods, all subject to the same Odoo access rights as the authenticated user.
Configurable Tools
All MCP tools are stored as Odoo records and can be reviewed, reordered, or extended
from the MCP → Configuration → Tools menu.
Each tool has a name, description, JSON Schema for its parameters, and maps to a
Python method on the mcp.tool model.
Each tool record stores the full JSON Schema used to describe parameters to the AI, the display title, description, category, and optional structured output schema.
MCP Resources
Resources provide structured, readable information to the AI without requiring a tool call. Manage them under MCP → Configuration → Resources. Built-in resources include system information, model field schemas, access metadata, module details, and dynamic record templates.
Custom Prompts
Prompt templates let admins define reusable instructions for the AI that users can invoke by name. Manage global prompts under MCP → Configuration → Global Prompts. Users can also create their own personal prompts from MCP → My Prompts.
Templates support named argument placeholders ({argument_name}) with required/optional
validation. The AI receives the rendered prompt as a structured message.
Per-Model Access Control
While Odoo's native ACL is always enforced as the primary security layer, the optional MCP Access Control records let administrators add an additional restriction layer per model: disable specific operations (read, write, create, delete, method calls), whitelist allowed fields, block specific methods, or restrict access to certain security groups.
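The layering described above, modelled as an added example (not the module's own code): the native ACL result is checked first and an override record can only narrow what it allows. The `McpOverride` class, its field names, and the sample group and method names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional

OPERATIONS = {"read", "write", "create", "delete", "method_call"}

@dataclass
class McpOverride:
    """Hypothetical stand-in for one MCP Access Control record (names assumed)."""
    disabled_ops: set = field(default_factory=set)
    allowed_fields: Optional[set] = None   # None means no field whitelist
    blocked_methods: set = field(default_factory=set)
    allowed_groups: Optional[set] = None   # None means no group restriction

def authorize(op, native_acl_ok, user_groups, override=None, fields=(), method=None):
    """Return (allowed, visible_fields, reason); the override can only narrow access."""
    if op not in OPERATIONS:
        return False, [], "unknown operation"
    # Layer 1: native ACL is primary. A denial here is final.
    if not native_acl_ok:
        return False, [], "denied by native ACL"
    if override is None:
        return True, list(fields), "native ACL only"
    # Layer 2: optional per-model restrictions, each a further reason to deny.
    if override.allowed_groups is not None and not set(user_groups) & override.allowed_groups:
        return False, [], "group not permitted"
    if op in override.disabled_ops:
        return False, [], "operation disabled"
    if op == "method_call" and method in override.blocked_methods:
        return False, [], "method blocked"
    if override.allowed_fields is not None:
        fields = [f for f in fields if f in override.allowed_fields]
    return True, list(fields), "allowed"

# Constructed sample override for a partner-like model.
SAMPLE = McpOverride(disabled_ops={"delete"}, allowed_fields={"name", "email"},
                     blocked_methods={"action_archive"}, allowed_groups={"mcp_user"})

def demo():
    """Run a few constructed requests through both layers."""
    return [
        authorize("read", True, ["mcp_user"], SAMPLE, fields=["name", "email", "vat"]),
        authorize("delete", True, ["mcp_user"], SAMPLE),
        authorize("method_call", True, ["mcp_user"], SAMPLE, method="action_archive"),
        authorize("read", False, ["mcp_user"], SAMPLE, fields=["name"]),
        authorize("read", True, ["sales_user"], SAMPLE, fields=["name"]),
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

When reviewing a real deployment, the same question applies to each override record: does it ever grant something the native ACL would refuse? In this model the answer is structurally no, because every layer-2 branch either denies or removes fields.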
Audit Trail
Every MCP request is recorded in the audit log, accessible under MCP → Monitoring → Audit Logs. Each entry captures the authenticated user, session ID, MCP method, tool or resource name, request data, response status, IP address, user agent, and processing duration.
Configuration & Settings
The MCP server is configured from Settings → General Settings → MCP Server. Options include enabling/disabling the server, setting the rate limit, session TTL, maximum records per response, audit log retention, allowed CORS origins, and IP filtering rules.
Quick Start
- Install the MCP Server module.
- Generate an API key for your user: Settings → My Profile → API Keys → New.
- Add your Odoo instance to your MCP client configuration:
  - URL: https://<your-odoo-host>/mcp
  - Authorization: Bearer <your-api-key>
- Ensure your user belongs to the MCP User or MCP Administrator security group.
- Start chatting: ask the AI to search records, summarise data, or update fields.