AI Governance

Decide what AI can do in your Odoo

A limited role per key, and a log of every call.

By default, an AI connected to Odoo can do everything its user can. This free addon binds each key to a role you choose and logs every call it makes.

Free · Open source (AGPL-3) · Useful from your first user

The concern

By default, AI gets the keys to everything

An Odoo API key carries every permission of the user it belongs to. For an AI integration, that means three problems.

Full access

The key can do anything its owner can: read sales orders, delete contacts, post to the accounting journals.

No trail

Odoo doesn't record which call changed what. Afterwards you can't tell what the AI touched.

Hard to revoke

The key is shared with people and other tools, so pulling it breaks more than the one integration.

Inside your Odoo

A key per use case, each with its own scope

Give each integration its own key: your n8n automation, your Claude connection over MCP, a cron job, all separate from how you log in yourself. Each key gets a role, and the audit log shows which one did what. It runs on Odoo's own roles and access groups, so there's no parallel permission system to maintain.

Selecting a role for a new API key in Odoo
Scoped API keys. Pick a role when you create a key. The key can't do more than the role.
User Roles list in Odoo with Sales, Administrator and Accountants
Role-based access control. Define a role like CRM Reader or Accountant, or copy one from an existing user, then reuse it.
Role form in Odoo showing access per area
Permissions per role. Tick which areas a role can reach: sales, contacts, accounting, and the rest. Standard Odoo access groups.
Audit log in Odoo showing one row per API call
Audit log. Every call logged per key, so you see whether it was Claude, n8n or a script, and what it changed.

How it fits

A companion to MCP Pro, not a replacement

Architecture diagram: AI client to MCP Pro server to Odoo, with scoped keys and audit log

This addon runs inside your Odoo. The MCP server that connects AI to it is our separate hosted product, running outside Odoo.

You can use either on its own. The addon governs any API integration, not just AI.

  • Works with Odoo 17, 18 and 19, Community and Enterprise
  • Built on OCA base_user_role and auditlog
  • No data leaves your Odoo. No telemetry.

From MCP Pro users

Teams already running AI on their Odoo

Our team lives inside Odoo. The Pantalytics MCP server has changed how we work. Pulling open quotes, following up with customers, creating sales orders, straight from chat. Saves us real hours every week.
Freek Bos Thuisbatterijnederland.nl
The MCP is working great! Definitely worth it.
Daniel Degetau Pigmentum
Love love love your tool!
Andrew Law Odoo It Yourself

Growing team?

More than 10 users? We'll set it up with you

Past ten people, with AI on real orders, invoices and customer data, the roles and audit rules get more involved. We'll help you match them to how your team works.


Technical details

Technical name: pan_mcp_pro_governance
Price: Free
License: AGPL-3 (open source)
Compatibility: Odoo 17, 18 and 19, Community and Enterprise
Dependencies: OCA base_user_role, auditlog (bundled)
Developer: Pantalytics B.V.


Install it in a few minutes

Set it up yourself, free. More than ten users, or want a hand? Talk to us.

Frequently asked questions

Is this an MCP server?
No. This addon adds governance to API integrations inside Odoo. The MCP server that exposes Odoo to Claude and ChatGPT is a separate hosted product. The two are independent: you can use either without the other.

Does it really cost nothing?
Yes. It's free and open source under AGPL-3, available on the Odoo App Store and on GitHub.

Do I need extra paid Odoo users for each integration?
No. One paid Internal User can hold many API keys, each bound to a different role, without extra licences. The user is the billing unit; the role is the capability surface.

Does it work with tools other than Claude or ChatGPT?
Yes. Because it governs API keys at the Odoo level, it works for any integration: n8n, cron jobs, custom scripts, or any MCP server.

Will it affect normal users clicking through Odoo?
No. The permission narrowing only fires when a request is authenticated via a role-bound API key. UI sessions are unaffected.

Can I install it on Odoo Online?
Odoo Online restricts custom addons. If you can't install addons, our hosted MCP server is the easier path; install this companion once you move to a setup that allows custom modules and need governance.

New to AI governance?

Our white paper explains what AI governance in Odoo means, and why it matters as you let AI do more.

Read the AI in ERP white paper