A Model Context Protocol (MCP) server that exposes your Odoo ERP as a set of scoped, permissioned tools so external AI agents like Claude and ChatGPT can query and act on it safely. Built, installed, and supported by ECOSIRE for Odoo 17.0, 18.0, and 19.0. Built to order by ECOSIRE for Odoo 17, 18, 19 — indicative price from $499.00 USD; request a quote for a scoped proposal.

A Model Context Protocol (MCP) server that exposes your Odoo ERP as a set of scoped, permissioned tools so external AI agents like Claude and ChatGPT can query and act on it safely. Built, installed, and supported by ECOSIRE for Odoo 17.0, 18.0, and 19.0.
今すぐのお支払いはありません。これはチームへの見積もり依頼を送信します。価格と次のステップをメールでご案内します。
Teams are wiring AI agents into everything, but Odoo has no safe front door for them. The out-of-the-box options are the raw XML-RPC and JSON-RPC endpoints, which hand an agent full CRUD over every model the connecting user can touch — no notion of "read this, but only propose that," no per-agent scoping, no human approval step before an agent posts a journal entry or confirms a sales order. Point a general-purpose LLM at those endpoints and you either over-grant (the agent can silently unlink() records or mass-write fields) or under-deliver (you lock it down so hard it can do nothing useful). Odoo's own automated actions and server actions are powerful but they run inside Odoo on your triggers; they are not a way for an external agent to reason, ask, and act conversationally against live ERP data.
MCP server implementing the Model Context Protocol, connectable from Claude Desktop, ChatGPT, and custom agent runtimes over stdio or HTTP transport
Curated tool catalog — each tool maps to a specific Odoo model and action with a typed JSON input schema, instead of exposing the raw ORM
Read tools that return shaped, LLM-friendly payloads (selected fields, resolved relations) rather than raw `read()` dumps
Guarded-write tools with three configurable modes per action: execute-immediately, human approval gate, or write-to-draft/staging state
All tool execution runs through Odoo's authenticated JSON-RPC/XML-RPC layer, so `ir.model.access.csv` rights and record rules are always enforced
A second per-agent authorization gate on top of Odoo ACLs — an agent cannot reach a tool outside its assigned permission profile even if the backing user could
ECOSIRE builds you a dedicated MCP (Model Context Protocol) server that sits in front of Odoo and speaks the protocol Claude, ChatGPT, and other agent runtimes already understand. Instead of exposing the whole ORM, we define a curated catalog of tools — for example search_contacts, get_open_invoices, create_lead, draft_quotation — each mapped to specific models and actions and each carrying its own input schema. Under the hood every tool call is executed through Odoo's authenticated API against real models.Model records, so it respects your existing ir.model.access.csv rights and record rules; we layer a second gate on top so an agent can never reach beyond the tools you approved, regardless of what the underlying user account technically permits. Read tools return clean, shaped payloads (not raw dumps); write tools are split into guarded-write and approval-gated modes, so a mutation can be configured to execute immediately, to require a human "approve" click, or to be written to a draft/staging state for review.
Authentication is per agent, not shared. Each connected agent (or each end user behind it) gets its own credential and its own permission profile, so a customer-support agent sees helpdesk and contact tools while a finance agent sees invoicing tools — and the two can be revoked independently. Every tool invocation is logged: which agent, which tool, which arguments, which records were touched, and whether an approval gate fired. That audit trail lives in Odoo as first-class records with views and, where useful, QWeb-rendered reports, so your team reviews agent activity the same way they review any other Odoo document. We can also expose read-only MCP "resources" (saved reports, KPI snapshots) alongside the action tools so agents can ground their answers in your real data before they act.
Because this is build-to-order, we scope it to your Odoo. On a short call we map the exact models, actions, and approval rules you want exposed, confirm whether you are on Community or Enterprise (which affects which apps' models are in play — e.g. accounting, subscriptions, quality), and pin the target version(s) among Odoo 17.0, 18.0, and 19.0. We then build the MCP server plus its companion Odoo module (__manifest__.py, models for logging and permission profiles, ir.model.access.csv, record rules, views), stand it up on staging for UAT, and hand it over installed on your instance. Typical delivery is 2–4 weeks from confirmed scope, and you keep the source and the git repo.
Wants to give an internal Claude/ChatGPT agent real leverage over the ERP — pulling open orders, drafting quotations, updating leads — without handing it uncontrolled write access. Needs scoped tools and an approval queue they can trust.
Responsible for the instance's integrity and compliance. Cares that agent access honors `ir.model.access.csv` and record rules, that every call is logged, and that a per-agent credential can be revoked instantly without touching human users.
Building a customer-facing or internal agent and needs a clean, documented MCP endpoint into Odoo rather than hand-rolling XML-RPC calls and reinventing auth, guarded writes, and audit logging. Wants the source and git repo to extend it.
Needs assurance that AI agents can't silently post journal entries, confirm invoices, or delete records. Relies on approval gates, the write-to-draft mode, and the full audit trail to keep AI activity reviewable and reversible.
ecosire.com でライセンスを購入し、アカウント ダッシュボードから Odoo AI Agent (MCP Server) モジュールの ZIP をダウンロードします。
ZIP をサーバー上の Odoo カスタム アドオン フォルダーに抽出します (または、[アプリ] > [Odoo.sh / runbot のファイルからインストール] を介してアップロードします)。
開発者モードをアクティブにし、アプリを開き、「アプリリストの更新」をクリックして、「Odoo AI Agent (MCP Server)」を検索し、「インストール」を押します。
新しいメニューを開き、ECOSIRE ライセンス キーを貼り付け、外部認証情報 (Shopify、Amazon、Stripe など) を接続して保存します。
組み込みの接続テストを実行し、最初の 10 レコードを同期し、定期的な cron をスケジュールします。何か問題が発生した場合はサポートにお問い合わせください。
| 基準 | エコシエール | カスタムビルド | 競合他社 | オドゥー ネイティブ |
|---|---|---|---|---|
| AI agent access model | Curated MCP tool catalog, scoped per model/action | Whatever your team codes and maintains | Usually a generic connector, not tailored to your models | |
| Write safety | Guarded writes: immediate, approval-gate, or draft mode | Must design and build the gate yourself | Typically all-or-nothing write access | |
| Per-agent permissions | Isolated credential + profile per agent, revocable | Roll your own auth layer | Often one shared API key | |
| Audit logging | Every call logged as queryable Odoo records + reports | Build logging and views yourself | Limited or external logs, if any | |
| Odoo ACL / record-rule enforcement | Enforced, plus a second per-agent gate on top | Depends on how carefully you wire it | Relies on the underlying user's rights only | |
| Fit to your Odoo | Scoped to your models, edition, and version (17/18/19) | Fully custom but you own all the effort | Generic; you adapt to it | |
| Ownership & support | Full source, git handover, support window, training | You own it and all maintenance | Vendor-locked; support varies |
This is a build-to-order product, so we build it specifically for your Odoo. Typical delivery is 2–4 weeks from confirmed scope — that is, once we've agreed on which models, tools, actions, and approval rules to expose and confirmed your version. There is no instant download; we build, test on staging, and install it on your instance.
Three layers. First, every tool call runs through Odoo's authenticated API, so your existing `ir.model.access.csv` rights and record rules still apply. Second, each agent has its own permission profile and can only call the tools you assigned it — it can't reach the raw ORM. Third, write actions can be set to require a human approval gate or to write only to a draft/staging state, so a mutation is reviewed before it becomes real. Every call is logged.
Anything that speaks the Model Context Protocol — Claude (including Claude Desktop), and MCP-compatible ChatGPT/custom agent runtimes — over stdio or HTTP transport. Because it's a standard MCP server, you're not locked to one vendor; the same tool catalog serves multiple agent clients.
Both. The MCP layer sits in front of standard Odoo APIs, so it works on Community and Enterprise. The difference is which apps' models exist to expose — some models (certain accounting, subscription, or quality features) only exist on Enterprise. During scoping we confirm your edition and build the tool catalog around the models you actually have. We support Odoo 17.0, 18.0, and 19.0.
Authentication is per agent, not a single shared key. Each connected agent (or end user behind it) gets its own credential mapped to a permission profile, so different agents see different tool sets — a support agent and a finance agent are isolated — and any one credential can be revoked without affecting the others or your human Odoo users.
Every build includes a post-go-live support window for defect fixes and configuration adjustments. Because you receive the full source and git repository, your team can extend it too. For new tools, added models, or an Odoo version upgrade (e.g. moving to 19.0) we scope that as a follow-on engagement.
We build in per-agent rate limiting and payload-size guards so a looping or runaway agent can't hammer the instance, and read tools return shaped payloads rather than large raw dumps. During UAT on staging we validate behavior under realistic load before go-live.
A Model Context Protocol (MCP) server that exposes your Odoo ERP as a set of scoped, permissioned tools so external AI agents like Claude and ChatGPT can query and act on it safely. Built, installed, and supported by ECOSIRE for Odoo 17.0, 18.0, and 19.0.