High-performance Odoo reverse proxy · v0.1.0

One secure API in front of every Odoo.

ODXProxy is a high-performance Rust reverse proxy that gives your apps one safe, unified JSON-RPC API in front of any number of Odoo instances — with auth, a method allowlist, metrics, and clustering out of the box.

Odoo as the brain, not the interface.

ODXProxy is the seam between your business logic and your users. Odoo stays the engine and the gatekeeper — business rules, permissions, and the single source of truth — while people interact through natural, purpose-built interfaces on a separate layer.

The result: the ERP is fed by the work people already do — a form, a mobile app, a portal, a bot. They contribute to the business and its data through workflows that feel natural, often without ever “using the ERP.”

Presentation layer

Web & mobile appsPortalsBotsSpreadsheetsForms

ODXProxy

one safe JSON-RPC seam

Odoo

business logic · permissions · system of record

the engine & gatekeeper — never exposed directly

Request
POST /api/odoo/execute
x-api-key: <PROXY_API_KEY>
Content-Type: application/json

{
  "id": "01J9Z8K3QJ7Y5T2N6V4W8X0ABC",
  "action": "search_read",
  "model_id": "res.partner",
  "params": [[["is_company", "=", true]]],
  "keyword": { "fields": ["name", "email"], "limit": 10 },
  "odoo_instance": {
    "url": "https://erp.example.com",
    "db": "prod",
    "user_id": 2,
    "api_key": "<ODOO_USER_API_KEY>"
  }
}
Response
200 OK

{
  "jsonrpc": "2.0",
  "id": "01J9Z8K3QJ7Y5T2N6V4W8X0ABC",
  "result": [
    { "name": "Acme Corp", "email": "hello@acme.example" }
  ]
}

Note: an Odoo logic error comes back as HTTP 200 with an error object — always check the error field, not just the status.

Self-host in one container.

ODXProxy ships as a single distroless image that runs as a non-root user (UID 65532) and refuses to run as root. Pull it, point it at your license, and you have a secure API in front of Odoo.

Deployment guide →
Deploy
docker pull terrakernel/odxproxy

docker run -p 3000:3000 \
  -e LICENSE_KEY=<your-license-key> \
  terrakernel/odxproxy

Illustrative — see the getting-started guide for the full run command, ports, and environment.

Works with your stack

Skip the wire format — use a native client. One protocol, official SDKs for the languages your apps already speak.

How a request flows

  1. 1

    Integrity check

    Validated on every request against a trusted clock — not the system clock.

  2. 2

    Transforming request

    The action is validated against the 9-method allowlist and mapped to Odoo's call.

  3. 3

    Forward to Odoo

    The call runs against the Odoo instance named in the request body.

  4. 4

    JSON-RPC reply

    A clean JSON-RPC 2.0 envelope comes back — result or error.

High performance, built on Rust

ODXProxy is written in Rust on an async, non-blocking stack. It adds a thin, predictable layer in front of Odoo — high throughput and low latency, with a small memory footprint that’s comfortable to run anywhere.

Rust

A compiled, memory-safe systems language — no garbage-collection pauses and a tiny runtime footprint under load.

Tokio

A battle-tested asynchronous runtime that handles thousands of concurrent Odoo calls on a small thread pool.

Axum + Hyper

An ergonomic HTTP stack speaking HTTP/1.1 and HTTP/2, with built-in br / gzip / deflate response compression.

Why ODXProxy

One front door for many Odoo instances

The target Odoo instance is specified per request, so a single proxy deployment can route to many backends — ideal for multi-tenant SaaS, agencies, and microservice fleets.

A safer, smaller API surface

Odoo's execute_kw can call any model method. ODXProxy restricts callers to a curated allowlist of 9 actions, shrinking the blast radius of a leaked credential.

Call any Odoo business method

Beyond CRUD — invoke a model's public methods by name to trigger real Odoo workflows like posting an invoice or confirming an order, still authenticated and scoped to the Odoo user's own permissions.

A uniform, language-agnostic protocol

Every response is a clean JSON-RPC 2.0 envelope, so SDKs in Python, Swift, Java, JavaScript, and PHP all speak one simple spec.

Operational hardening built in

Refuses to run as root, ships systemd/OpenRC hardening and a distroless nonroot image, and shuts down gracefully under load.

Observability built in

A Prometheus metrics endpoint, structured JSON logs, and a request id on every call you can trace end to end — so you can see exactly how your Odoo traffic behaves.

Tamper-resistant by design

Cryptographically signed (ECDSA P-256) and re-validated on every request against a trusted external time source, so a rolled-back system clock can't slip past integrity checks.

Clustering ready

Optional Redis-based heartbeat and upstream pools let you run a fleet of proxies behind one address.

Stop wiring every app to Odoo’s raw RPC.

Deploy the proxy, set one API key, and make your first request in minutes.