From Gateway to Dashboard: A Secure Microservices Architecture for Data Provisioning to Odoo ERP
ZAMINI, ALI
2024/2025
Abstract
Modern enterprises require data provisioning architectures that are both scalable and resilient to contemporary threats. This thesis proposes and evaluates a microservices-based integration around an Odoo ERP in which an API gateway is the sole Internet-exposed endpoint. The gateway terminates TLS, enforces OAuth2/OIDC (JWT) authentication and rate limiting, and applies a Web Application Firewall; backend services are containerized and follow the database-per-service pattern to reduce coupling and contain breaches. Operational observability is achieved through centralized log and telemetry collection to support real-time alerting and forensic analysis. A Docker-based implementation (using an open-source API gateway and identity provider) was benchmarked against a baseline Odoo-only API. Under representative workloads, the secure path added approximately 5–13% mean latency while sustaining 95–98% of baseline throughput. Adversarial tests guided by the MITRE ATT&CK framework (e.g., SQL injection, cross-site scripting, brute force, and request flooding) showed that malicious requests were blocked or throttled at the edge, and all security-relevant events were captured centrally. Network segmentation and least-privilege service identities prevented lateral movement and constrained blast radius. The results demonstrate that defense-in-depth controls can be introduced around an ERP without impairing usability, yielding a practical, repeatable blueprint for zero-trust, API-first integrations that deliver secure, low-latency data to enterprise dashboards.
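The edge controls the abstract lists (JWT validation, per-client rate limiting, WAF-style request filtering, and a central audit record of every decision) as one added Python example. This is not code from the thesis, which builds on an unnamed open-source gateway and identity provider; it assumes an HS256 shared key standing in for the provider's signing key (real OIDC deployments verify RS256/ES256 signatures against the provider's JWKS, but the claim checks are the same), the issuer and audience values shown, and a set of constructed requests covering the legitimate path plus the SQL injection, cross-site scripting, forged-token and request-flooding cases the thesis tests against.

```python
import base64
import hashlib
import hmac
import json
import re

# Constructed demo values (not from the thesis): a shared HMAC key stands in for the
# identity provider's signing key; the issuer/audience are what this gateway accepts.
SECRET = b"demo-gateway-signing-key"
EXPECTED_ISS = "https://idp.example.internal/realms/erp"
EXPECTED_AUD = "dashboard-api"

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(claims: dict, alg: str = "HS256") -> str:
    """Issue a JWT the way the identity provider would (test helper only)."""
    header = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"

def verify_token(token: str, now: float) -> dict:
    """Check alg, signature, iss, aud and exp; raise ValueError naming the first failure."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed")
    header_b64, payload_b64, sig_b64 = parts
    # Pin the algorithm server-side; never let the token choose it ('none', key confusion).
    if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload_b64))
    if claims.get("iss") != EXPECTED_ISS:
        raise ValueError("bad issuer")
    if claims.get("aud") != EXPECTED_AUD:
        raise ValueError("bad audience")
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("expired")
    return claims

class TokenBucket:
    """Per-client token bucket: refills `rate` tokens per second up to `burst`."""
    def __init__(self, rate: float, burst: int):
        self.rate, self.burst, self.state = rate, burst, {}

    def allow(self, client: str, now: float) -> bool:
        tokens, last = self.state.get(client, (float(self.burst), now))
        tokens = min(float(self.burst), tokens + (now - last) * self.rate)
        allowed = tokens >= 1.0
        self.state[client] = (tokens - 1.0 if allowed else tokens, now)
        return allowed

# Illustrative signatures only; a production WAF runs a maintained rule set (e.g. OWASP CRS).
WAF_RULES = {
    "sqli": re.compile(r"(?:'|%27)\s*(?:or|and)\s+\d+\s*=\s*\d+|union\s+select", re.I),
    "xss": re.compile(r"<script\b|javascript:", re.I),
}

def waf_match(text: str):
    return next((name for name, rx in WAF_RULES.items() if rx.search(text)), None)

def handle(req: dict, bucket: TokenBucket, audit: list, now: float):
    """Edge decision for one request; every outcome is appended to the central audit list."""
    client = req.get("client_ip", "unknown")

    def decide(status: int, reason: str, sub=None):
        audit.append({"ts": now, "client": client, "path": req["path"],
                      "status": status, "reason": reason, "sub": sub})
        return status, reason

    if not bucket.allow(client, now):          # throttle floods before any crypto work
        return decide(429, "rate_limited")
    rule = waf_match(req["path"] + "?" + req.get("query", ""))
    if rule:                                    # drop injection payloads at the edge
        return decide(403, f"waf:{rule}")
    auth = req.get("authorization", "")
    if not auth.startswith("Bearer "):
        return decide(401, "missing_bearer")
    try:
        claims = verify_token(auth[len("Bearer "):], now)
    except ValueError as err:
        return decide(401, f"jwt:{err}")
    return decide(200, "forwarded", claims.get("sub"))

def run_demo():
    """Replay constructed requests through the edge checks; returns (decisions, audit log)."""
    now, bucket, audit = 1_700_000_000.0, TokenBucket(rate=1.0, burst=4), []
    base = {"iss": EXPECTED_ISS, "aud": EXPECTED_AUD, "sub": "svc-dashboard"}
    good = mint_token({**base, "exp": now + 300})
    expired = mint_token({**base, "exp": now - 1})
    header, _payload, sig = good.split(".")   # re-use a valid signature over edited claims
    tampered = ".".join([header, b64url_encode(
        json.dumps({**base, "sub": "admin", "exp": now + 300}).encode()), sig])
    alg_none = mint_token({**base, "exp": now + 300}, alg="none").rsplit(".", 1)[0] + "."
    make = lambda ip, query, token: {"client_ip": ip, "path": "/api/orders", "query": query,
                                     "authorization": f"Bearer {token}" if token else ""}
    requests = [
        make("10.0.0.5", "", good),                            # legitimate dashboard call
        make("10.0.0.5", "id=1' OR 1=1--", good),              # SQL injection attempt
        make("10.0.0.5", "q=<script>alert(1)</script>", good),  # XSS attempt
        make("10.0.0.6", "", expired),
        make("10.0.0.6", "", tampered),
        make("10.0.0.6", "", alg_none),
        make("10.0.0.6", "", None),
    ] + [make("10.0.0.7", "", good) for _ in range(6)]         # burst from one client
    return [handle(r, bucket, audit, now) for r in requests], audit
```

Two choices are worth noting. The rate limiter runs before signature verification so that a flood costs the gateway no crypto work, and the `decide` closure records a structured event for every outcome, denied or forwarded, which is what makes the audit list usable as the central log the thesis relies on for alerting and forensics.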
| File | Size | Format | |
|---|---|---|---|
| from-gateway-to-dashboard.pdf (open access) | 653.03 kB | Adobe PDF | View/Open |
The text of this website © Università degli studi di Padova. Full texts are published under a non-exclusive license. Metadata are under a CC0 license.
https://hdl.handle.net/20.500.12608/91820