eyeot-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@eyeot-mcpShow me the pending purchase orders."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
eyeot-mcp
Plug Claude Desktop into your ERP.
Official stdio ↔ HTTP bridge for the eyeot ERP MCP server.
~600 business tools, one pip install.
Landing page · Docs · PyPI · Issues
⚡ 60-second install
pip install eyeot-mcp # 1. install the bridge
eyeot-mcp login # 2. authenticate via browser (OAuth Device Flow)Then paste into your Claude Desktop config:
{
"mcpServers": {
"eyeot": {
"command": "eyeot-mcp"
}
}
}Restart Claude Desktop. Done. Ask: "List my last 5 invoices."
Config location · macOS
~/Library/Application Support/Claude/claude_desktop_config.json· Windows%APPDATA%\Claude\claude_desktop_config.json
Related MCP server: Odoo MCP Server
🧩 What is this?
The eyeot ERP exposes ~600 business actions — CRM, sales, stock, maintenance, HR, finance, IT service management, GED, RGPD compliance, plus 6 V2 marketplace modules (POS, delivery & routing, recruitment, BPM, field service, supply chain) — as MCP tools over HTTPS.
But Claude Desktop, Cursor, and most local agents only speak MCP over stdio.
eyeot-mcp is the missing piece between them.
flowchart LR
A["🤖 Claude Desktop<br/>Cursor / custom agent"] -- "JSON-RPC<br/>over stdio" --> B["📦 eyeot-mcp<br/>(this package)"]
B -- "HTTPS POST<br/>Bearer token" --> C["🏢 eyeot ERP<br/>(your tenant)"]
C -. "Auth · RBAC · audit<br/>multi-tenant isolation<br/>license guard" .-> C
style A fill:#eef2ff,stroke:#6366f1,color:#1e293b
style B fill:#f0fdf4,stroke:#10b981,color:#065f46
style C fill:#fef3c7,stroke:#f59e0b,color:#78350fZero business logic in the bridge. Everything happens server-side — auth, RBAC, audit logging, license enforcement, multi-tenant isolation, idempotency. The CLI is ~290 lines of Python standard library. You can audit it in 10 minutes.
🎯 What can your agent do?
After install, your MCP client gets access to actions like:
Domain | Try saying… |
💼 CRM | "Create a quote for ACME — 10 units of PROD-001 at standard tariff." |
📊 Sales | "List my last 5 invoices and their payment status." |
📦 Stock | "Which products in Lyon site are below the critical threshold?" |
🔧 Maintenance | "Which equipment is overdue for preventive maintenance this week?" |
👥 HR | "Show me pending leave requests for my team." |
💰 Finance | "What's the revenue forecast for Q3 by business unit?" |
🎫 IT support | "Open a ticket: VPN is down for the marketing team, P1." |
📄 GED | "Find all signed NDAs for partner XYZ." |
🧠 Intelligence | "Customer-health distribution across all active accounts." |
🧾 POS / Caisse | "Today's Z-report total for the Lyon register." |
🚚 Delivery | "Optimize today's route for vehicle TL-204 and notify recipients." |
🧑💼 Recruitment | "Shortlist candidates for the senior developer posting." |
⚙️ Process / BPM | "Which approval tasks are pending in my inbox?" |
🏗️ Field service | "Schedule a site intervention for client XYZ next Tuesday." |
🔩 Supply chain | "Run MRP and list the components to reorder this week." |
…and ~590 more, auto-generated from the OpenAPI spec.
🔐 Authentication
Two modes, same Bearer header on the wire, same Authorization decorator server-side.
🤖 OAuth 2.1 (humans)
🔑 API key (services)
For Claude Desktop, Cursor, personal agents.
eyeot-mcp loginOpens browser → approve → done. Credentials saved to ~/.eyeot-mcp/config.json (mode 0600).
Token format:
eya_<base64>access +eyr_<base64>refreshLifetime: 1 h access / 30 d refresh
PKCE S256 mandatory (public clients)
Refresh rotation with replay detection — a stolen refresh kills the whole token family
The CLI auto-refreshes the access token (proactively before expiry + on a 401) — stay connected for the full 30-day refresh window without re-running
login
For CI/CD agents, batch jobs, server-to-server.
{
"mcpServers": {
"eyeot": {
"command": "eyeot-mcp",
"env": { "EYEOT_TOKEN": "eyk_xxx_xxx" }
}
}
}Issued by an org admin from the eyeot ERP settings panel.
Token format:
eyk_<prefix>_<secret>Lifetime: until revoked
Scope: org-wide, configurable RBAC
🛡️ Security model
🔒
OAuth 2.1 + PKCE
Public clients use PKCE S256. Refresh rotation with replay detection.
👮
Server-side RBAC
Every tool call goes through the same @permissions_required decorators as the UI.
📝
Full audit trail
Every action logged with user + tenant + IP. RGPD-compliant retention.
💳
License grace
Subscription lapsed? GETs still work so the agent can inform you. POSTs return 402 with activate_url.
Local credentials stored at
~/.eyeot-mcp/config.jsonwith file mode0600(POSIX). On Windows, file ACLs apply. No telemetry, no phone-home.
🏗️ Self-hosting
Point the bridge at any eyeot deployment with --base-url:
eyeot-mcp --base-url https://erp.example.com login{
"mcpServers": {
"eyeot": {
"command": "eyeot-mcp",
"args": ["--base-url", "https://erp.example.com"]
}
}
}Same protocol, same auth, your infra.
📚 Commands
Command | Description |
| Start the stdio bridge using saved credentials (default mode — what Claude Desktop runs) |
| Browser-based OAuth Device Authorization Grant |
| Revoke refresh token server-side, delete local credentials |
| One-shot mode with an explicit API key |
| Target a self-hosted deployment |
🔧 How it works (under the hood)
Claude Desktop spawns
eyeot-mcpas a child process, exchanges JSON-RPC 2.0 over its stdin/stdout pipes.For each line received on stdin, the bridge
POSTs the JSON to${base_url}/api/v1/mcpwithAuthorization: Bearer <token>.The HTTP response is written verbatim to stdout, framed as line-delimited JSON.
The server speaks MCP
2024-11-05and auto-generates ~600 tools from the OpenAPI spec —initialize,tools/list,tools/callall work exactly as MCP clients expect.
No state in the bridge. No protocol translation beyond transport. No surprises.
📖 Resources
Landing & install
API
Spec & protocol
🧭 Versioning
This package: Semantic Versioning. Major bumps may change CLI flags or the on-disk config schema.
MCP protocol:
2024-11-05(negotiated server-side).ERP API:
/api/v1(stable). Breaking changes ship as/api/v2.
📄 License
MIT — fork it, package it, audit it, build on top of it.
The eyeot ERP backend is a separate, proprietary product of Eyeot Software. This bridge is open-source so anyone can audit it, fork it, package it for their distro, or use it as a reference for building their own MCP clients.
ERP by Eyeot Software
Multi-tenant, AI-native ERP for SMBs. Built to be operated by AI agents from day one.
Every action you can do in the UI, you can do via this bridge.
🌐 erp.eyeot.fr · ✉️ contact@eyeot.fr
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Termi24/ERP-by-Eyeot-Software'
If you have feedback or need assistance with the MCP directory API, please join our Discord server