In Odoo, a user is defined as any individual who possesses access to a database. Administrators have the capability to create an unlimited number of users as required by the company. To ensure data security and relevance, specific rules can be applied to each user, thereby restricting the type of information they can access. Both users and their associated access rights can be configured and modified at any time to adapt to evolving organizational needs.
Managing Odoo Users: A Comprehensive Guide
Add Individual Users
To onboard new users into your Odoo system, navigate to Settings » Users » Users, and then click on the Create button. This action will present you with a form to enter the new user's details.
Complete the form with all the necessary information for the user. Crucially, under the Access Rights tab, you will define the user's permissions by selecting the appropriate group within each installed application. This granular control ensures that each user only has access to the functionalities and data relevant to their role.
The applications displayed in this list are directly determined by the applications currently installed on your Odoo database.
Once all required fields have been accurately filled, click Save. An invitation email will be automatically dispatched to the email address provided in the Email Address field. The new user must click on the link within this email to accept the invitation and establish their login credentials for the Odoo database.
Warning: If your company operates on a monthly subscription plan, the database will automatically update to reflect the addition of new users. However, for companies on yearly or multi-year plans, an expiration banner will appear within the database. To update your subscription and resolve this, you can click the banner to create an upsell quotation. Alternatively, you may send a support ticket to the Odoo team for assistance.
User Types Explained
When operating in developer mode, the User Type field becomes accessible from the Access Rights tab of the user form. This option can be found by navigating to Settings » Users » Users and selecting a specific user.
Odoo categorizes users into three distinct types: Internal User, Portal, and Public.
Tip: Internal users are those who interact directly with the Odoo database from within the company. Portal users are external individuals who are granted limited access, typically to view specific records through the database's designated portal interface. For more detailed information, refer to the documentation on Portal Access. Public users, on the other hand, are visitors accessing your website through its frontend without specific login credentials.
It is important to note that the Portal and Public user options do not allow administrators to explicitly choose access rights. These user types come with specific, pre-configured access rights, including record rules and restricted menus, and generally do not belong to the standard Odoo user groups. This streamlined approach ensures a secure and controlled environment for external and public interactions.
Deactivate Users
Should the need arise to deactivate or archive a user, navigate to Settings » Users » Users. From the list of users, tick the checkbox located to the left of the user(s) you wish to deactivate. After selecting the appropriate user(s), click on the ⚙️ Actions icon, and then choose Archive from the ensuing drop-down menu. Confirm your action by clicking OK in the confirmation pop-up window that appears.
Danger: It is critically important to never deactivate the main administrator user (admin). Modifying or deactivating admin users can have severe adverse effects on the database, potentially leading to an "impotent admin" state where no user can make changes to access rights. For this reason, Odoo strongly advises contacting an Odoo Business Analyst or their Support Team before making any changes to administrator users.
Error: Too Many Users
If your Odoo database contains more users than are provisioned in your Odoo Enterprise subscription, the system will display a specific warning message indicating an over-subscription. This ensures compliance with your licensing agreement.
Upon the appearance of this message, the database administrator has a 30-day grace period to address the issue before the database is subject to expiration. A daily countdown timer will be visible, indicating the remaining days.
To rectify this situation, you have two primary options:
- Upgrade Your Subscription: Click the "Upgrade your subscription" link displayed within the message. This will allow you to validate an upsell quotation and pay for the additional users, bringing your database into compliance.
- Deactivate Unnecessary Users: Archive users who no longer require access to the system. After deactivating the surplus users, you can then reject any pending upsell quotation.
Warning: For monthly subscription plans, the database automatically adjusts to reflect any added users. However, for yearly or multi-year plans, an expiration banner will appear. To update your subscription, you can click this banner to generate an upsell quotation. Alternatively, users can submit a support ticket for direct assistance from Odoo support.
Once the number of users in the database aligns with your subscription, the expiration message will automatically disappear after a few days, following the next system verification cycle.
Password Management
Effective password management is paramount for granting users secure and autonomous access to the Odoo database. Odoo provides several straightforward methods for users to reset their passwords, ensuring continuity and security.
Tip: Odoo allows you to define a minimum length for user passwords. This security setting can be configured by navigating to Settings » General Settings » Permissions section. Here, you can enter your desired password length in the Minimum Password Length field. By default, this value is set to
8characters, but it can be adjusted to meet your organization's security policies.
Reset Password Options
Users may occasionally wish to reset their personal password to enhance security and ensure they retain exclusive access. Odoo facilitates this with two distinct reset options: one initiated directly by the user, and another triggered by an administrator.
Enable Password Reset from Login Page
The ability for users to reset their passwords directly from the Odoo login page can be enabled or disabled according to your preferences. This functionality is enabled by default, offering convenience to users. To manage this setting, go to Settings » General Settings » Permissions section, activate the Password Reset option, and then click Save to apply your changes.
When enabled, users can simply click the Reset Password link on the login page to initiate the password reset process. This action will send a unique reset token to the email address associated with their Odoo account, guiding them through the steps to create a new password.
Send Reset Instructions (Admin Initiated)
An administrator can also initiate a password reset for a user. To do this, navigate to Settings » Users » Users, select the specific user from the list, and then click on Send Password Reset Instructions on their user form. An email containing comprehensive password reset instructions will be automatically sent to the user.
Note: The Send Password Reset Instructions button will only appear if the Odoo invitation email has already been successfully confirmed by the user. If the invitation has not been accepted, a Re-send Invitation Email button will be displayed instead.
This email provides all the necessary guidance for the user to reset their password, along with a secure link that redirects them to an Odoo login page where they can complete the process.
Change User Password (Admin Direct)
Administrators have the capability to directly change a user's password. To perform this action, go to Settings » Users » Users, and select the desired user to access their user form. Click on the ⚙️ Actions icon, and from the resulting drop-down menu, choose Change Password. A pop-up window will appear, prompting you to enter a new password in the New Password field. Confirm the change by clicking Change Password.
Note: This operation only modifies the password for the user within the local Odoo database and does not impact their odoo.com account credentials. If the odoo.com password requires alteration, users should utilize the send password reset instructions method. Odoo.com passwords grant access to the My Databases page and other portal-related features.
After successfully changing the password, the page will redirect to an Odoo login screen, allowing the user to re-access the database using their newly established password.
Multi-Company Configuration for Users
The Multi Companies field on a user's form is a powerful feature that enables an administrator to grant existing users access to multiple companies within a single Odoo instance. To configure a multi-company environment for a user, navigate to the specific user's settings by going to Settings » Users » Users. Select the user to open their detailed user form, where you can then configure their multi-company access.
Within the Access Rights tab, locate the Multi Companies section. Here, you will find two crucial fields: Allowed Companies and Default Company.
- The Allowed Companies field permits the selection of multiple companies. These are the companies that the user will be able to access and modify, always in accordance with their assigned access rights.
- The Default Company field, conversely, can contain only one company. This is the company that the user will automatically default to upon logging into Odoo each time.
Warning: Incorrect configuration of multi-company access can lead to inconsistent and problematic behaviors within the multi-company setup. Therefore, it is strongly recommended that only experienced Odoo users who fully understand the implications make changes to user access rights in databases configured for multi-company operations. For in-depth technical explanations, please refer to the developer documentation on Multi-company Guidelines.
