Access control that is safe to change
Restrict menus, models, fields, exports and chatter for any user from one no-code dashboard — and preview exactly what changes before you save. Enforced on the server, on top of Odoo's own access rights.
The problem
Native Odoo access is powerful but scattered across security groups, model access rights and record rules in developer mode. Non-technical admins over-provision users, and a wrong toggle is only discovered when someone hits an "Access Denied" error.
The solution
One dashboard of reusable Access Profiles you assign to users. An impact preview shows what each user keeps and loses before you commit, conflicts are flagged inline, and self-lockout protection keeps you from locking yourself — or the super-user — out.
Everything you need to lock down access
Every capability below is implemented in the module.
Central Access Profiles
Build reusable, named permission sets and assign them to any set of users. Combine several profiles per user, scope one to a single company, or give it an activation and expiry date for temporary staff.
Per-Model CRUD Control
Block Create, View, Edit or Delete on any model with a simple tick. Rules are enforced server-side and only ever narrow what Odoo already allows.
Menu & Submenu Hiding
Hide navigation entries per profile so users only see what they use. Hiding a parent menu automatically hides every menu beneath it.
Field-Level Control
Set individual fields to read-only or hidden per profile to protect sensitive data such as salary, cost or margin without hiding the whole record.
Read-Only & Data Locks
Make a profile read-only with one switch, and separately block export, import, duplicate and archive to stop data exfiltration and accidental bulk changes.
Developer Mode & Chatter
Keep non-technical users out of debug mode, and separately restrict Send Message, Log Note and Schedule Activity so messaging matches each role.
Impact Preview Before Save
Open a profile and see a clear list of exactly which capabilities and models the affected users keep or lose — before anyone is restricted. No more surprise "Access Denied" support tickets.
Conflict Detection & Safety
When two profiles give the same user contradictory rules, the conflict is flagged inline. Self-lockout protection refuses any change that would strip the super-user or your own ability to manage access.
Templates, Bulk & Audit
Start from ready-made role templates, assign or revoke a profile across many users at once, offboard leavers in one action, and review a full audit trail of every access change — who, what and when.
How it works
Create a Profile
Pick capabilities, models, menus and fields — or start from a template.
Preview the Impact
Check exactly what users keep and lose before anyone is affected.
Assign to Users
Apply individually or in bulk, with an optional activation window.
Stay in Control
Watch for conflicts, review the audit trail, and offboard in one click.
Frequently asked
No sales fog. If your question isn't here, email us and we'll answer it the same way.
No. Every rule is enforced on the server on top of Odoo's own access rights and record rules, and only ever narrows access — it never grants more than a user already has.
Buy it on the Odoo App Store
Purchase, download and install directly from the official Odoo Apps Store — you'll always get the latest supported build.
Access Management
Safe, no-code access management for Odoo — restrict, preview and audit every permission change from one dashboard.
Buy on Odoo App Store