Odoo IP Restriction with Per-User Access Control
Stop unauthorized logins before passwords are even checked. Allow trusted IPs per user, block every URL and API bypass route, and keep an audit trail your compliance team can review with confidence.
- Control Odoo access by approved office, VPN, or branch network.
- Block unsafe login, backend, API, RPC, and mobile access attempts.
- Track denied access with clear logs for admin and audit review.
Odoo IP Access Control Module Highlights
A quick overview of how the module protects Odoo access, reduces setup effort, and keeps security management simple.
Secure Your Odoo LoginKey Features of the Odoo IP Restriction Module
Control who can access Odoo, where they can connect from, and how blocked login attempts are handled. Built by an experienced Odoo development company in India, this module supports secure per-user access control for growing teams.
Protect Your Odoo AccessPer-user IP whitelist
Set different approved IPs for admins, finance users, staff, and remote teams.
Quick access toggle
Enable or pause IP restrictions without removing saved approved IP records.
Full access protection
Block unauthorized access across login pages, dashboards, mobile apps, and API connections.
Current IP visibility
Show the user’s active IP inside Odoo to speed up approval and support tasks.
Blocked access logs
Track denied access attempts with useful details for audits and security reviews.
Clear user warning
Show blocked users their current IP address so admins can solve issues faster.
What Is Location-Bound Trust in Odoo IP Access Control?
Odoo IP Access Control verifies both user identity and approved network location before access starts.
Pre-authentication enforcement
The IP check runs before password validation, so unapproved networks cannot test credentials.
Per-user access control
Assign different IP rules for finance users, admins, interns, and remote teams.
Every-request validation
Validate UI, API, RPC, webhook, and mobile calls after login, not only the first session.
This Odoo IP Access Control module is location-bound by design, so it protects routes that login-only IP restriction tools may miss.
Odoo IP Access Control vs 2FA: Which Security Layer Do You Need?
Short answer: both. IP restriction and 2FA solve different access risks, and they work better when used together.
Strengthen Odoo Security| IP Restriction | 2FA | |
|---|---|---|
| Blocks | Logins from untrusted networks | Logins by someone who is not the user |
| When it triggers | Before password check | After password check |
| Stops | Stolen credentials used from foreign IPs | Stolen credentials used without verification |
| User friction | None for approved networks | Adds one verification step per login |
| Best for | Finance, admin, HR, and fixed-location users | All users who need account-level protection |
Think of IP restriction as the perimeter wall and 2FA as the second key to the front door. Even if an attacker gets credentials, Odoo IP Access Control still blocks access from unapproved networks.
How to Whitelist IPs in Odoo IP Access Control
Configure user-level IP restrictions directly inside Odoo without code changes, Nginx edits, or server-level scripting.
- 1
Enable IP control per user
Go to
Settings→Users→ select the user → open the IP Access Control tab and turn on the access toggle. - 2
Add approved IP addresses
Add one or more allowed IPs with optional labels such as Office, Home, VPN, or Branch. Only listed IPs can access that user account.
- 3
Block unapproved access
Any login or request from a non-whitelisted IP is blocked instantly. The blocked user also sees a clear warning with their current IP.
Odoo IP Access Control Use Cases for Real Businesses
These IP whitelist use cases help teams protect admin users, finance roles, remote access, and sensitive Odoo records. For real security workflow proof, review the Odoo IP Access Control case study.
Secure Business Access in OdooHybrid office and remote teams
Restrict admin users to office and VPN IPs, while remote teams use approved home or mobile VPN networks.
Finance users handling payments
Lock Accounts Payable (AP), Accounts Receivable (AR), and accounting users to approved office networks.
Healthcare teams using Odoo
Restrict users handling patient-related records to clinic IPs and keep blocked-access logs for review.
Multi-region business access
Limit critical accounts to branch or country-specific IPs to block access from unapproved locations.
Odoo partners and Managed Service Providers
Restrict super-admin and consultant accounts to approved office and VPN IPs.
Temporary user restriction
Keep accounts active while limiting access during leave, review, or security checks.
Why Choose SDLC Corp’s Odoo IP Access Control?
Compare the module against typical Odoo IP restriction alternatives by access depth, audit visibility, request-level protection, license clarity, and pricing.
Compare Odoo Security Features| Capability | SDLC IP Access Control | Typical Alternatives |
|---|---|---|
| Per-user IP whitelist | With labels | Often global only |
| Login plus every-request enforcement | Dual-layer | Login-only |
| Toggle without deleting IPs | Included | Often re-entry needed |
| Audit logging built in | Included | Rarely documented |
| Blocks API and mobile bypass | Covered | Known gaps |
| Shows blocked user’s IP | Visible to user | Generic error only |
| Odoo 19 ready | Day-one support | Often delayed |
| License | LGPL-3 open license | Often proprietary |
| Free lifetime updates | Included | Often paid |
| Price | $4.95 one-time | $20 to $80+ |
Best fit: This section works well as a decision-stage comparison block because it shows practical security depth, pricing clarity, and Odoo 19 readiness in one scan-friendly table.
Related Odoo IP Access Control Security Guides
Explore advanced Odoo security resources covering 2FA, IP restriction, session protection, compliance workflows, and enterprise-grade ERP access best practices.
Odoo 2FA setup and IP restriction security layer
Learn how to combine 2FA with IP-based control for stronger login protection.
Find your Odoo user’s current IP address securely
Quickly locate the correct IP for whitelist setup and remote access control.
Odoo session hijacking risks and prevention guide
Understand how to stop stolen sessions from being used outside trusted networks.
Odoo security checklist for SOC 2 readiness
Use a practical checklist to improve audit readiness and security compliance.
Frequently asked questions
Get clear answers about Odoo IP access control, supported environments, security coverage, and setup options.
IP access control limits which network addresses can access your Odoo instance. Instead of allowing every login attempt with valid credentials, you can allow trusted IPs for each user. As a result, access from unknown networks is blocked early.
No, if you configure it carefully. You can allow multiple IPs for each user, such as office, home, or VPN IPs. For dynamic IPs, use a VPN with a static exit IP and allow that IP.
Yes. The module supports Odoo Online, Odoo.sh, and on-premise deployment for v19.0.1.0.0. An Odoo 18 version is also available.
Yes. Request-layer enforcement covers Odoo UI routes, REST calls, JSON-RPC API calls, webhooks, and the Odoo mobile app. Therefore, access rules apply beyond the login screen.
No. IP access control works best as an added security layer. It helps stop access from untrusted networks, while 2FA helps protect against stolen passwords.
No measurable slowdown is expected. Each request runs a simple IP comparison, so the module stays lightweight and easy to audit.
If someone uses a valid session from an unapproved IP, the request-layer check can block the next request. This adds protection beyond login-only checks.
Yes. The module is released under LGPL-3, so your technical or security team can review the source code before installation.
- Contact Us
Let’s Talk About Your Product
What happens next?
- We review your requirements
- Strategy call with experts
- Clear roadmap & estimate
- NDA Protected
- Enterprise Grade Delivery
- Global Clients
- By submitting this form, you acknowledge that SDLC Corp may process your details to respond to your inquiry. See our Privacy Policy and Cookie Notice.
