Step‑by‑Step Guide to Create Odoo Users and Assign Precise Access Rights
Small and medium‑size businesses often start with a single Odoo admin and quickly add team members. Without a clear process for user creation and permission control, employees may see data they shouldn’t, or crucial menus become inaccessible. This tutorial walks you through the exact steps to add new users, configure their access rights, and verify that everything works as expected.
Prerequisites
- Odoo 15 (or later) installed and running.
- Administrator login credentials.
- Understanding of the business roles that need access (e.g., Sales Representative, Inventory Clerk, Accountant).
- A stable hosting environment – when you need a reliable server for Odoo, you can rely on Cloud VPS to streamline your deployment.
Configuration
1. Activate the Developer Mode (optional but helpful)
- Log in as the Administrator.
- Click your user name in the top‑right corner and select About.
- In the popup, click Activate the developer mode. This reveals technical fields that are useful when fine‑tuning permissions.
2. Navigate to the Users Management Screen
- From the main dashboard, go to Settings.
- In the left sidebar, expand Users & Companies and click Users.
- The Users list appears, showing existing accounts.
3. Create a New User
- Click the Create button at the top‑left of the list view.
- Fill in the mandatory fields:
- Name: Full name of the employee.
- Email: Their corporate email address (used for login).
- Under the Access Rights tab, you’ll see three sections:
- Application Access – toggle the modules the user may open (e.g., Sales, Purchase, Inventory, Accounting).
- Technical Features – enable only for power users (e.g., “Technical Settings”, “Access Rights” menu).
- Other Settings – such as “Multi‑Company” if you run several companies.
- Choose the appropriate groups for the role. For a Sales Representative, enable:
- Sales / User: Own Documents Only
- CRM / User
For an Accountant, enable:
- Accounting / Manager
- Invoicing / User
- Optionally, set the Company field if you are using multi‑company mode.
- Click Save. Odoo automatically sends an invitation email with a password reset link.
4. Fine‑Tune Record Rules (if needed)
- Stay in Settings → Users & Companies → Users and open the newly created user.
- Switch to the Access Rights tab and scroll down to Record Rules.
- Click Edit to add a rule, for example “Sale Order: Only own customers”. Use the domain syntax
[('partner_id.user_id', '=', uid)]to restrict visibility. - Save the rule and repeat for any additional models (e.g.,
stock.movefor warehouse staff).
5. Assign a Default Sales Team (optional)
- Navigate to Sales → Configuration → Sales Teams.
- Open the team that the new salesperson will belong to.
- In the Members tab, click Add a line and select the user.
- Set the Team Leader if the user should have supervisory rights.
- Save the changes.
Testing
1. Verify Login and Basic Navigation
- Open a private/incognito browser window.
- Log in with the new user’s email and the password set via the invitation email.
- Confirm that the dashboard only shows the menus you enabled under Application Access.
2. Check Record Visibility
- Go to Sales → Orders → Quotations (or the module relevant to the role).
- Ensure the list contains only the records the user is permitted to see. For a “Own Documents Only” user, you should see only quotations they created.
3. Test Restricted Actions
- Attempt to open a record owned by another user.
- Odoo should display an “Access Denied” warning if the rule is correctly applied.
- If the user can edit a field they shouldn’t, return to Access Rights** → **Record Rules** and adjust the domain.
4. Confirm Technical Features (if granted)
- For users with “Technical Features” enabled, navigate to Settings → Technical → Database Structure → Models.
- Verify that the menu is visible and functional. If it should be hidden, uncheck the “Technical Features” box and save.
Conclusion
Properly configuring Odoo users and their access rights protects sensitive business data while empowering each employee with the tools they need. By following the steps above—creating the user, assigning application groups, fine‑tuning record rules, and testing the result—you establish a secure, role‑based environment that scales as your team grows. Remember to revisit permissions periodically, especially after adding new modules or changing business processes.
