A made-to-order REST layer that exposes your Odoo models over standard HTTP verbs (GET, POST, PUT, DELETE) with JSON or XML payloads, token authentication, and access-rule enforcement. ECOSIRE scopes, builds, installs, and supports it for your exact integration needs. Built to order by ECOSIRE for Odoo 17, 18, 19 — indicative price from $249.00 USD; request a quote for a scoped proposal.

A made-to-order REST layer that exposes your Odoo models over standard HTTP verbs (GET, POST, PUT, DELETE) with JSON or XML payloads, token authentication, and access-rule enforcement. ECOSIRE scopes, builds, installs, and supports it for your exact integration needs.
现在无需付款。此操作会向我们的团队发送报价请求——我们会通过邮件跟进价格和后续步骤。
Most teams that run Odoo eventually hit the same wall: an external system — a headless storefront, a mobile app, a partner portal, a data pipeline, or a low-code tool — needs to read and write Odoo records over clean, predictable HTTP. Odoo ships with XML-RPC and JSON-RPC endpoints, but those are RPC-shaped, not resource-shaped: every call is a method invocation like execute_kw against res.partner, authentication is a login round-trip that returns a numeric uid, and there is no natural concept of GET /partners/42 or DELETE /orders/17. Integrators end up hand-rolling wrappers, wrestling with search_read domain syntax, and re-implementing the same auth and pagination glue on every project. That work is where budgets and timelines quietly bleed out.
Resource-style routing that maps `GET`, `POST`, `PUT`/`PATCH`, and `DELETE` onto ORM `search_read`, `create`, `write`, and `unlink` via `@http.route` controllers
JSON payloads by default, with XML request/response support where a legacy or enterprise consumer requires it
Token / API-key authentication backed by a dedicated scoped integration user — no session cookies or master credentials in client code
Access control enforced natively through your existing `ir.model.access.csv` and `ir.rule` record rules, including multi-company isolation
Query support on `GET` collections: Odoo domain filtering, field selection (sparse fieldsets), `order` sorting, `limit`/`offset` pagination, and total-count headers
Consistent typed error envelopes with correct HTTP status codes (`400`, `401`, `403`, `404`, `409`, `422`) and machine-readable bodies
This is a build-to-order REST gateway that ECOSIRE designs and builds against your specific Odoo models and workflows. We add a routed controller layer (http.Controller with @http.route(..., type='json'|'http', auth='...')) that maps standard HTTP verbs onto Odoo ORM operations: GET for search_read with filtering, field selection, sorting and pagination; POST for create; PUT/PATCH for write; and DELETE for unlink. Requests and responses are served as JSON by default, with XML available where a legacy consumer requires it. Every endpoint sits behind a real authentication scheme — API-key or token headers backed by a dedicated integration user — so you are never passing raw session cookies or embedding master credentials in client code.
Security is enforced at the Odoo layer rather than bolted on. The gateway runs each request in the context of a scoped API user, so your existing ir.model.access.csv matrix and ir.rule record rules apply unchanged — an integration that should only see its own company's sale.order records physically cannot read another company's. We add per-key rate limiting, request/response logging for auditability, input validation against your model's field definitions, and consistent typed error envelopes (proper 400/401/403/404/409/422 status codes with machine-readable bodies) so consumers can handle failures deterministically. Computed fields (@api.depends), related fields, and Many2one/One2many/Many2many relations are serialized in a documented, stable shape, and we can expose custom action endpoints (e.g. "confirm this sale order", "validate this picking") that call your business methods instead of forcing clients to replicate workflow logic.
Because this is made to order, the build starts with a scoping call, not a download. We confirm exactly which models and fields are exposed, the auth model, versioning strategy, and which Odoo edition and version you run — the gateway is delivered for Odoo 17.0, 18.0, or 19.0, and we account for Community vs Enterprise differences (Enterprise-only models such as certain accounting or field-service objects are only exposed if your edition includes them). You receive installable source in a proper module with a clean __manifest__.py, we deploy it to your staging environment for UAT, then to production. Typical delivery is 2 to 4 weeks from confirmed scope.
Pricing starts from $249 (indicative, single-company base scope); the number of exposed models and custom action endpoints, multi-company record-rule isolation, XML alongside JSON, webhook/outbound callbacks, and OpenAPI documentation depth increase the quoted scope. You get a fixed quote after the scoping call — never a surprise invoice.
Runs a decoupled storefront or mobile app and needs Odoo to be the product, pricing, inventory, and order backend behind clean REST calls rather than RPC glue — with pagination, field selection, and predictable error handling.
Syncs Odoo with CRMs, WMS/3PL, marketplaces, or payment systems and wants a stable, versioned REST contract with token auth and per-key rate limits instead of maintaining bespoke `execute_kw` wrappers on every side.
Wires Odoo into iPaaS tools, spreadsheets, or internal dashboards and needs standard HTTP endpoints their non-Odoo developers can consume, with access strictly bounded by existing record rules.
Exposes a controlled slice of Odoo data to external customers or partners and requires audit logging, scoped API keys per tenant, and multi-company isolation enforced at the ORM level.
在 ecosire.com 上购买许可证并从您的帐户仪表板下载 Odoo REST API Gateway 模块 ZIP。
将 ZIP 解压到服务器上的 Odoo 自定义插件文件夹中(或通过“应用程序”>“从 Odoo.sh / runbot 上的文件安装”上传)。
激活开发者模式,打开应用程序,单击更新应用程序列表,搜索 Odoo REST API Gateway,然后按安装。
打开新菜单,粘贴您的 ECOSIRE 许可证密钥,连接任何外部凭据(Shopify、Amazon、Stripe 等),然后保存。
运行内置连接测试,同步前 10 条记录,并安排定期 cron。如果出现任何问题,请联系支持人员。
| 标准 | 伊科西尔 | 定制建造 | 竞争对手 | 奥杜本机 |
|---|---|---|---|---|
| API style | Resource-shaped REST: HTTP verbs on models | Whatever you build, if you have the time | Generic REST, fixed to its own conventions | |
| Authentication | Token/API-key via scoped integration user | Hand-rolled, quality varies | Built-in key auth, limited configurability | |
| Security model | Enforces your `ir.model.access` + record rules | Only as good as your implementation | Honors ORM rules but generic exposure | |
| Fit to your models | Scoped to your exact models and workflows | Fully custom, at full custom cost | One-size-fits-all, tune within its limits | |
| Custom action endpoints | Business methods exposed (confirm, validate, post) | Possible, more build effort | Rarely; CRUD-focused | |
| Errors & pagination | Typed status codes, `limit`/`offset`, counts | You design and maintain it | Standardized but inflexible | |
| Support & updates | Post-go-live window + quoted enhancements | Your team owns it forever | Vendor forum / ticket queue | |
| Ownership | Full source + git repo handover, no lock-in | You own it (you built it) | Licensed module, vendor-controlled |
This is build-to-order, not an instant download. After a scoping call to confirm the exact models, auth scheme, and Odoo version, typical delivery is 2 to 4 weeks from confirmed scope. Larger surfaces — many models, custom action endpoints, multi-company isolation, or webhooks — sit at the upper end of that range, and we give you a target date in writing before work starts.
Pricing starts from $249 as an indicative figure for a single-company base scope. The final number depends on how many models and custom endpoints you expose, whether you need XML alongside JSON, multi-company record-rule isolation, webhooks, and documentation depth. You get a fixed, written quote after the scoping call — the from-price is a starting point, not a firm all-in price.
Odoo's native `XML-RPC`/`JSON-RPC` endpoints are RPC-shaped — every call is a method invocation like `execute_kw` against a model, with login-based auth returning a numeric `uid`. This gateway gives you resource-shaped REST: real HTTP verbs mapped to `GET`/`POST`/`PUT`/`DELETE`, token auth, pagination, field selection, versioned URLs, and consistent typed error codes. It's built on the same ORM, so your security rules still apply, but it's far cleaner for external consumers.
No. The gateway runs each request as a dedicated scoped integration user, so your existing `ir.model.access.csv` access rights and `ir.rule` record rules are enforced unchanged, including multi-company isolation. Authentication uses API keys/tokens rather than session cookies or master credentials, and we add per-key rate limiting plus request logging so every call is auditable.
Every build includes a post-go-live support window for defect fixes and integration questions. Because you receive the full source and git repository, you own the code outright. When you upgrade Odoo (for example 18.0 to 19.0) or want new endpoints added, we offer a separately quoted maintenance or enhancement engagement — nothing is locked behind a subscription you can't leave.
We build for Odoo `17.0`, `18.0`, and `19.0`, on both Community and Enterprise. We confirm your edition during scoping because Enterprise-only models (certain accounting, field-service, or subscription objects) can only be exposed if your license includes them. The delivered module targets your specific version and is tested against it on staging before production.
Yes. Computed (`@api.depends`), related, and relational fields are serialized in a stable, documented shape. Beyond CRUD, we can expose custom action endpoints that call your own model methods — confirming a sale order, validating a picking, posting an invoice — so external clients trigger real Odoo workflows instead of trying to replicate business logic themselves.
A made-to-order REST layer that exposes your Odoo models over standard HTTP verbs (GET, POST, PUT, DELETE) with JSON or XML payloads, token authentication, and access-rule enforcement. ECOSIRE scopes, builds, installs, and supports it for your exact integration needs.