diff --git a/fastapi_captcha/README.rst b/fastapi_captcha/README.rst
new file mode 100644
index 000000000..e2ebfe7b3
--- /dev/null
+++ b/fastapi_captcha/README.rst
@@ -0,0 +1,101 @@
+===============
+Fastapi Captcha
+===============
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:a507efff5b29eb67557d6283c396db18daddc1e48115ede431daff7f686594b6
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
+    :target: https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha
+    :alt: OCA/rest-framework
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_captcha
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=16.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module provides a simple way to protect several fastapi endpoints
+routes with a captcha.
+
+It currently supports the following captcha providers:
+
+- `Google reCAPTCHA <https://www.google.com/recaptcha>`__
+- `hCaptcha <https://www.hcaptcha.com/>`__
+- `Altcha <https://altcha.org/>`__
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+Check the ``Use Captcha`` checkbox in your FastAPI endpoint to enable
+captcha validation, then enter your captcha provider, secret key and an
+array of route url regex.
+
+Every matching route will now require a valid captcha token in the
+X-Captcha-Token header.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_captcha%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* Akretion
+
+Contributors
+------------
+
+- Florian Mounier florian.mounier@akretion.com
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-paradoxxxzero| image:: https://github.com/paradoxxxzero.png?size=40px
+    :target: https://github.com/paradoxxxzero
+    :alt: paradoxxxzero
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-paradoxxxzero| 
+
+This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/fastapi_captcha/__init__.py b/fastapi_captcha/__init__.py
new file mode 100644
index 000000000..0650744f6
--- /dev/null
+++ b/fastapi_captcha/__init__.py
@@ -0,0 +1 @@
+from . import models
diff --git a/fastapi_captcha/__manifest__.py b/fastapi_captcha/__manifest__.py
new file mode 100644
index 000000000..2169ca0d2
--- /dev/null
+++ b/fastapi_captcha/__manifest__.py
@@ -0,0 +1,20 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Fastapi Captcha",
+    "version": "16.0.1.0.0",
+    "author": "Akretion, Odoo Community Association (OCA)",
+    "summary": "Add a captcha to your FastAPI routes",
+    "category": "Tools",
+    "depends": ["fastapi"],
+    "website": "https://github.com/OCA/rest-framework",
+    "data": [
+        "views/fastapi_endpoint_views.xml",
+    ],
+    "maintainers": ["paradoxxxzero"],
+    "demo": [],
+    "installable": True,
+    "license": "AGPL-3",
+}
diff --git a/fastapi_captcha/captcha_middleware.py b/fastapi_captcha/captcha_middleware.py
new file mode 100644
index 000000000..2120b1644
--- /dev/null
+++ b/fastapi_captcha/captcha_middleware.py
@@ -0,0 +1,43 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from starlette.middleware.base import BaseHTTPMiddleware
+
+from odoo import _
+from odoo.exceptions import AccessError
+
+from odoo.addons.fastapi.context import odoo_env_ctx
+
+
+class CaptchaMiddleware(BaseHTTPMiddleware):
+    def __init__(self, app, endpoint_id, root_path, routes_regex=None):
+        super().__init__(app)
+        self.endpoint_id = endpoint_id
+        self.root_path = root_path
+        self.routes_regex = routes_regex
+
+    async def dispatch(self, request, call_next):
+        url = request.url.path.replace(self.root_path, "", 1)
+        if self.routes_regex and not any(
+            rex.fullmatch(url) for rex in self.routes_regex
+        ):
+            return await call_next(request)
+
+        env = odoo_env_ctx.get()
+        endpoint = env["fastapi.endpoint"].sudo().browse(self.endpoint_id)
+        token = request.headers.get("X-Captcha-Token")
+        if not token:
+            raise AccessError(
+                _("Captcha token not found in headers"),
+            )
+        try:
+            endpoint.validate_captcha(token)
+        except AccessError as e:
+            raise e
+        except IOError as e:
+            raise AccessError(
+                _("Captcha validation failed: %s") % str(e),
+            ) from e
+        response = await call_next(request)
+        return response
diff --git a/fastapi_captcha/models/__init__.py b/fastapi_captcha/models/__init__.py
new file mode 100644
index 000000000..b825fab92
--- /dev/null
+++ b/fastapi_captcha/models/__init__.py
@@ -0,0 +1 @@
+from . import fastapi_endpoint
diff --git a/fastapi_captcha/models/fastapi_endpoint.py b/fastapi_captcha/models/fastapi_endpoint.py
new file mode 100644
index 000000000..7797fca05
--- /dev/null
+++ b/fastapi_captcha/models/fastapi_endpoint.py
@@ -0,0 +1,220 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import re
+from typing import Annotated
+
+import requests
+from starlette.middleware import Middleware
+
+from odoo import _, api, fields, models
+from odoo.exceptions import AccessError, UserError, ValidationError
+
+from fastapi import Depends, Header
+
+from ..captcha_middleware import CaptchaMiddleware
+
+
+class FastapiEndpoint(models.Model):
+    _inherit = "fastapi.endpoint"
+
+    use_captcha = fields.Boolean(
+        help="If checked, this endpoint will be protected by a captcha",
+    )
+
+    captcha_type = fields.Selection(
+        [
+            ("recaptcha", "Recaptcha"),
+            ("hcaptcha", "Hcaptcha"),
+            ("altcha", "Altcha"),
+        ],
+        help="Type of captcha to use for this endpoint",
+    )
+
+    captcha_secret_key = fields.Char(
+        help="Secret key to use for the captcha validation",
+        groups="base.group_system",
+    )
+
+    captcha_routes_regex = fields.Char(
+        help="Regexes to match against routes url that should be protected "
+        "by this captcha, comma separated. If empty, all routes will be protected",
+    )
+
+    captcha_minimum_score = fields.Float(
+        default=0.5,
+        help="Minimum score to accept the captcha if a score is provided by the "
+        "captcha service.",
+    )
+
+    captcha_custom_verify_url = fields.Char(
+        help="Custom URL to use for the captcha verification",
+    )
+
+    @property
+    def _server_env_fields(self):
+        fields = getattr(super(), "_server_env_fields", None) or {}
+        fields["captcha_secret_key"] = {}
+        return fields
+
+    @api.constrains("captcha_routes_regex")
+    def _check_captcha_routes_regex(self):
+        """Check that the captcha routes regex is valid"""
+        for record in self:
+            if record.captcha_routes_regex:
+                for rex in record.captcha_routes_regex.split(","):
+                    rex = rex.strip()
+                    if not rex:
+                        continue
+                    # Check that the regex is valid
+                    try:
+                        re.compile(rex)
+                    except re.error as e:
+                        raise ValidationError(
+                            _(
+                                "Invalid regex for captcha routes: %(regex)s (error: %(error)s)"
+                            )
+                            % {
+                                "regex": rex,
+                                "error": str(e),
+                            }
+                        ) from e
+
+    def _get_fastapi_app_middlewares(self):
+        # Add the captcha middleware to the list of middlewares if enabled
+        middlewares = super()._get_fastapi_app_middlewares()
+        if self.use_captcha:
+            middlewares.append(
+                Middleware(
+                    CaptchaMiddleware,
+                    endpoint_id=self.id,
+                    root_path=self.root_path,
+                    routes_regex=[
+                        re.compile(rex) for rex in self.captcha_routes_regex.split(",")
+                    ]
+                    if self.captcha_routes_regex
+                    else None,
+                )
+            )
+        return middlewares
+
+    def _get_fastapi_app_dependencies(self):
+        # Add the captcha header to the list of dependencies
+        dependencies = super()._get_fastapi_app_dependencies()
+        if self.use_captcha:
+            dependencies.append(Depends(captcha_token))
+
+        return dependencies
+
+    def validate_captcha(self, captcha_response):
+        """Validate the captcha response."""
+        secret_key = self.captcha_secret_key
+        if not secret_key:
+            raise UserError(_("No secret key found for this endpoint"))
+
+        if self.captcha_type == "recaptcha":
+            return self._validate_recaptcha(captcha_response, secret_key)
+        elif self.captcha_type == "hcaptcha":
+            return self._validate_hcaptcha(captcha_response, secret_key)
+        elif self.captcha_type == "altcha":
+            return self._validate_altcha(captcha_response, secret_key)
+
+    def _validate_recaptcha(self, captcha_response, secret_key):
+        """Validate the recaptcha response"""
+        data = {
+            "secret": secret_key,
+            "response": captcha_response,
+        }
+        response = requests.post(
+            "https://www.google.com/recaptcha/api/siteverify",
+            data=data,
+            timeout=10,
+        )
+        result = response.json()
+        success = result.get("success", False)
+        if not success:
+            error_codes = result.get("error-codes", ["?"])
+            raise AccessError(
+                _("Recaptcha validation failed: %s") % ", ".join(error_codes)
+            )
+        score = result.get("score", 1)
+        if score < self.captcha_minimum_score:
+            raise AccessError(
+                _("Recaptcha validation failed: score %(score)s < %(min_score)s")
+                % {
+                    "score": score,
+                    "min_score": self.captcha_minimum_score,
+                }
+            )
+
+    def _validate_hcaptcha(self, captcha_response, secret_key):
+        """Validate the hcaptcha response"""
+
+        data = {
+            "secret": secret_key,
+            "response": captcha_response,
+        }
+        response = requests.post(
+            "https://api.hcaptcha.com/siteverify", data=data, timeout=10
+        )
+        result = response.json()
+        success = result.get("success", False)
+        if not success:
+            error_codes = result.get("error-codes", ["?"])
+            raise AccessError(
+                _("Hcaptcha validation failed: %s") % ", ".join(error_codes)
+            )
+        score = result.get("score", 1)
+        if score < self.captcha_minimum_score:
+            raise AccessError(
+                _(
+                    "Hcaptcha validation failed: score %(score)s < %(min_score)s (%(reason)s)"
+                )
+                % {
+                    "score": score,
+                    "min_score": self.captcha_minimum_score,
+                    "reason": result.get("score_reason", ""),
+                }
+            )
+
+    def _validate_altcha(self, captcha_response, secret_key):
+        """Validate the altcha response"""
+        data = {
+            "apiKey": secret_key,
+            "payload": captcha_response,
+        }
+        url = (
+            self.captcha_custom_verify_url
+            or "https://eu.altcha.org/api/v1/challenge/verify"
+        )
+        response = requests.post(url, data=data, timeout=10)
+        result = response.json()
+        success = result.get("verified", False)
+        if not success:
+            error = result.get("error", "?")
+            raise AccessError(
+                _("Altcha (%(url)s) validation failed: %(error)s")
+                % {"url": url, "error": error}
+            )
+
+    @api.model
+    def _fastapi_app_fields(self):
+        # We need to reload fastapi app when we change these captcha fields
+        fields = super()._fastapi_app_fields()
+        return [
+            "use_captcha",
+            "captcha_routes_regex",
+        ] + fields
+
+
+def captcha_token(
+    captcha_token: Annotated[
+        str | None,
+        Header(
+            alias="X-Captcha-Token",
+            description="The X-Captcha-Token header is used to specify the captcha ",
+        ),
+    ] = None,
+) -> str:
+    return captcha_token
diff --git a/fastapi_captcha/readme/CONTRIBUTORS.md b/fastapi_captcha/readme/CONTRIBUTORS.md
new file mode 100644
index 000000000..328a37da8
--- /dev/null
+++ b/fastapi_captcha/readme/CONTRIBUTORS.md
@@ -0,0 +1 @@
+- Florian Mounier <florian.mounier@akretion.com>
diff --git a/fastapi_captcha/readme/DESCRIPTION.md b/fastapi_captcha/readme/DESCRIPTION.md
new file mode 100644
index 000000000..743b4e136
--- /dev/null
+++ b/fastapi_captcha/readme/DESCRIPTION.md
@@ -0,0 +1,8 @@
+This module provides a simple way to protect several fastapi endpoints routes with a
+captcha.
+
+It currently supports the following captcha providers:
+
+- [Google reCAPTCHA](https://www.google.com/recaptcha)
+- [hCaptcha](https://www.hcaptcha.com/)
+- [Altcha](https://altcha.org/)
diff --git a/fastapi_captcha/readme/USAGE.md b/fastapi_captcha/readme/USAGE.md
new file mode 100644
index 000000000..0967b20d8
--- /dev/null
+++ b/fastapi_captcha/readme/USAGE.md
@@ -0,0 +1,5 @@
+Check the `Use Captcha` checkbox in your FastAPI endpoint to enable captcha validation,
+then enter your captcha provider, secret key and an array of route url regex.
+
+Every matching route will now require a valid captcha token in the X-Captcha-Token
+header.
diff --git a/fastapi_captcha/static/description/index.html b/fastapi_captcha/static/description/index.html
new file mode 100644
index 000000000..36ac1639d
--- /dev/null
+++ b/fastapi_captcha/static/description/index.html
@@ -0,0 +1,441 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
+<title>Fastapi Captcha</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+Despite the name, some widely supported CSS2 features are used.
+
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: gray; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic, pre.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="fastapi-captcha">
+<h1 class="title">Fastapi Captcha</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:a507efff5b29eb67557d6283c396db18daddc1e48115ede431daff7f686594b6
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha"><img alt="OCA/rest-framework" src="https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_captcha"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p>This module provides a simple way to protect several fastapi endpoints
+routes with a captcha.</p>
+<p>It currently supports the following captcha providers:</p>
+<ul class="simple">
+<li><a class="reference external" href="https://www.google.com/recaptcha">Google reCAPTCHA</a></li>
+<li><a class="reference external" href="https://www.hcaptcha.com/">hCaptcha</a></li>
+<li><a class="reference external" href="https://altcha.org/">Altcha</a></li>
+</ul>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#usage" id="toc-entry-1">Usage</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="toc-entry-2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="toc-entry-3">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="toc-entry-4">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="toc-entry-5">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="toc-entry-6">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="usage">
+<h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
+<p>Check the <tt class="docutils literal">Use Captcha</tt> checkbox in your FastAPI endpoint to enable
+captcha validation, then enter your captcha provider, secret key and an
+array of route url regex.</p>
+<p>Every matching route will now require a valid captcha token in the
+X-Captcha-Token header.</p>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/rest-framework/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_captcha%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
+<div class="section" id="authors">
+<h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
+<ul class="simple">
+<li>Akretion</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
+<ul class="simple">
+<li>Florian Mounier <a class="reference external" href="mailto:florian.mounier&#64;akretion.com">florian.mounier&#64;akretion.com</a></li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org">
+<img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
+</a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>Current <a class="reference external" href="https://odoo-community.org/page/maintainer-role">maintainer</a>:</p>
+<p><a class="reference external image-reference" href="https://github.com/paradoxxxzero"><img alt="paradoxxxzero" src="https://github.com/paradoxxxzero.png?size=40px" /></a></p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha">OCA/rest-framework</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/fastapi_captcha/tests/__init__.py b/fastapi_captcha/tests/__init__.py
new file mode 100644
index 000000000..4bd3138a6
--- /dev/null
+++ b/fastapi_captcha/tests/__init__.py
@@ -0,0 +1 @@
+from . import test_fastapi_captcha
diff --git a/fastapi_captcha/tests/test_fastapi_captcha.py b/fastapi_captcha/tests/test_fastapi_captcha.py
new file mode 100644
index 000000000..b5479a1fb
--- /dev/null
+++ b/fastapi_captcha/tests/test_fastapi_captcha.py
@@ -0,0 +1,333 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+from unittest.mock import patch
+
+import requests
+
+from odoo.exceptions import AccessError, UserError, ValidationError
+
+from odoo.addons.fastapi.tests.common import FastAPITransactionCase
+
+from fastapi import status
+
+
+class FastAPICaptcha(FastAPITransactionCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.default_fastapi_running_user = cls.env.ref("fastapi.my_demo_app_user")
+        cls.default_fastapi_authenticated_partner = cls.env["res.partner"].create(
+            {"name": "FastAPI Demo"}
+        )
+        cls.endpoint = cls.env.ref("fastapi.fastapi_endpoint_demo")
+        cls.endpoint.use_captcha = True
+        cls.endpoint.captcha_type = "recaptcha"
+        cls.endpoint.captcha_secret_key = "test_secret"
+        cls.default_fastapi_app = cls.endpoint._get_app()
+
+    def test_no_secret_key(self):
+        self.endpoint.captcha_secret_key = False
+        with self._create_test_client() as test_client:
+            with self.assertRaisesRegex(
+                UserError,
+                "No secret key found for this endpoint",
+            ):
+                test_client.get("/demo/", headers={"X-Captcha-Token": "valid"})
+
+    def test_invalid_regex(self):
+        with self.assertRaisesRegex(
+            ValidationError,
+            r"Invalid regex for captcha routes: /route/\( ",
+        ):
+            self.endpoint.captcha_routes_regex = r"/route/("
+
+    def test_missing_header(self):
+        with self._create_test_client() as test_client:
+            with self.assertRaisesRegex(
+                AccessError,
+                "Captcha token not found in headers",
+            ):
+                test_client.get("/demo/")
+            with self.assertRaisesRegex(
+                AccessError,
+                "Captcha token not found in headers",
+            ):
+                test_client.get("/demo/who_ami")
+
+    def test_invalid_header_recaptcha(self):
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "success": False,
+                "error-codes": ["invalid-input-response"],
+            }
+            with self._create_test_client() as test_client:
+                with self.assertRaisesRegex(
+                    AccessError,
+                    "Recaptcha validation failed: invalid-input-response",
+                ):
+                    test_client.get("/demo/", headers={"X-Captcha-Token": "invalid"})
+                with self.assertRaisesRegex(
+                    AccessError,
+                    "Recaptcha validation failed: invalid-input-response",
+                ):
+                    test_client.get(
+                        "/demo/who_ami", headers={"X-Captcha-Token": "invalid"}
+                    )
+
+    def test_valid_header_recaptcha(self):
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "success": True,
+                "score": 0.9,
+            }
+            with self._create_test_client() as test_client:
+                response = test_client.get(
+                    "/demo/", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                self.assertEqual(response.json(), {"Hello": "World"})
+
+                response = test_client.get(
+                    "/demo/who_ami", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                partner = self.default_fastapi_authenticated_partner
+                self.assertDictEqual(
+                    response.json(),
+                    {
+                        "name": partner.name,
+                        "display_name": partner.display_name,
+                    },
+                )
+
+    def test_invalid_header_hcaptcha(self):
+        self.endpoint.captcha_type = "hcaptcha"
+        self.endpoint.captcha_minimum_score = 0.8
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "success": False,
+                "error-codes": ["invalid-input-response"],
+            }
+            with self._create_test_client() as test_client:
+                with self.assertRaisesRegex(
+                    AccessError,
+                    "Hcaptcha validation failed: invalid-input-response",
+                ):
+                    test_client.get("/demo/", headers={"X-Captcha-Token": "invalid"})
+                with self.assertRaisesRegex(
+                    AccessError,
+                    "Hcaptcha validation failed: invalid-input-response",
+                ):
+                    test_client.get(
+                        "/demo/who_ami", headers={"X-Captcha-Token": "invalid"}
+                    )
+
+    def test_valid_header_hcaptcha(self):
+        self.endpoint.captcha_type = "hcaptcha"
+        self.endpoint.captcha_minimum_score = 0.8
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "success": True,
+                "score": 0.9,
+            }
+            with self._create_test_client() as test_client:
+                response = test_client.get(
+                    "/demo/", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                self.assertEqual(response.json(), {"Hello": "World"})
+
+                response = test_client.get(
+                    "/demo/who_ami", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                partner = self.default_fastapi_authenticated_partner
+                self.assertDictEqual(
+                    response.json(),
+                    {
+                        "name": partner.name,
+                        "display_name": partner.display_name,
+                    },
+                )
+
+    def test_valid_header_low_score_hcaptcha(self):
+        self.endpoint.captcha_type = "hcaptcha"
+        self.endpoint.captcha_minimum_score = 0.8
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "success": True,
+                "score": 0.6,
+                "score_reason": "low-confidence",
+            }
+            with self._create_test_client() as test_client:
+                with self.assertRaisesRegex(
+                    AccessError,
+                    r"Hcaptcha validation failed: score 0.6 < 0.8 \(low-confidence\)",
+                ):
+                    test_client.get("/demo/", headers={"X-Captcha-Token": "valid"})
+
+    def test_invalid_header_altcha(self):
+        self.endpoint.captcha_type = "altcha"
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "verified": False,
+                "error": "invalid-input-response",
+            }
+            with self._create_test_client() as test_client:
+                with self.assertRaisesRegex(
+                    AccessError,
+                    r"Altcha \(https://eu.altcha.org/api/v1/challenge/verify\) "
+                    "validation failed: invalid-input-response",
+                ):
+                    test_client.get("/demo/", headers={"X-Captcha-Token": "invalid"})
+
+                self.assertGreaterEqual(mock_post.call_count, 1)
+                self.assertEqual(
+                    mock_post.call_args.args[0],
+                    "https://eu.altcha.org/api/v1/challenge/verify",
+                )
+
+                with self.assertRaisesRegex(
+                    AccessError,
+                    r"Altcha \(https://eu.altcha.org/api/v1/challenge/verify\) "
+                    "validation failed: invalid-input-response",
+                ):
+                    test_client.get(
+                        "/demo/who_ami", headers={"X-Captcha-Token": "invalid"}
+                    )
+
+    def test_valid_header_altcha(self):
+        self.endpoint.captcha_type = "altcha"
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "verified": True,
+            }
+            with self._create_test_client() as test_client:
+                response = test_client.get(
+                    "/demo/", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                self.assertEqual(response.json(), {"Hello": "World"})
+
+                self.assertGreaterEqual(mock_post.call_count, 1)
+                self.assertEqual(
+                    mock_post.call_args.args[0],
+                    "https://eu.altcha.org/api/v1/challenge/verify",
+                )
+                response = test_client.get(
+                    "/demo/who_ami", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                partner = self.default_fastapi_authenticated_partner
+                self.assertDictEqual(
+                    response.json(),
+                    {
+                        "name": partner.name,
+                        "display_name": partner.display_name,
+                    },
+                )
+
+    def test_valid_header_custom_url_altcha(self):
+        self.endpoint.captcha_type = "altcha"
+        self.endpoint.captcha_custom_verify_url = "https://custom.exemple.org/verify"
+
+        with patch(
+            "odoo.addons.fastapi_captcha.models.fastapi_endpoint.requests.post",
+            return_value=requests.Response(),
+        ) as mock_post:
+            mock_post.return_value.status_code = 200
+            mock_post.return_value.json = lambda: {
+                "verified": True,
+            }
+            with self._create_test_client() as test_client:
+                response = test_client.get(
+                    "/demo/", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                self.assertEqual(response.json(), {"Hello": "World"})
+
+                self.assertGreaterEqual(mock_post.call_count, 1)
+                self.assertEqual(
+                    mock_post.call_args.args[0],
+                    "https://custom.exemple.org/verify",
+                )
+                response = test_client.get(
+                    "/demo/who_ami", headers={"X-Captcha-Token": "valid"}
+                )
+                self.assertEqual(response.status_code, status.HTTP_200_OK)
+                partner = self.default_fastapi_authenticated_partner
+                self.assertDictEqual(
+                    response.json(),
+                    {
+                        "name": partner.name,
+                        "display_name": partner.display_name,
+                    },
+                )
+
+    def test_routes_matching_1(self):
+        self.endpoint.captcha_routes_regex = "/demo/wh.*,/demo/ca.?"
+        # Refresh app
+        self.default_fastapi_app = self.endpoint._get_app()
+
+        with self._create_test_client() as test_client:
+            response = test_client.get("/demo")
+            self.assertEqual(response.status_code, status.HTTP_200_OK)
+            self.assertEqual(response.json(), {"Hello": "World"})
+
+            with self.assertRaisesRegex(
+                AccessError,
+                "Captcha token not found in headers",
+            ):
+                test_client.get("/demo/who_ami")
+
+    def test_routes_matching_2(self):
+        self.endpoint.captcha_routes_regex = "/demo"
+        # Refresh app
+        self.default_fastapi_app = self.endpoint._get_app()
+
+        with self._create_test_client() as test_client:
+            with self.assertRaisesRegex(
+                AccessError,
+                "Captcha token not found in headers",
+            ):
+                test_client.get("/demo")
+
+            response = test_client.get("/demo/who_ami")
+            self.assertEqual(response.status_code, status.HTTP_200_OK)
+            partner = self.default_fastapi_authenticated_partner
+            self.assertDictEqual(
+                response.json(),
+                {
+                    "name": partner.name,
+                    "display_name": partner.display_name,
+                },
+            )
diff --git a/fastapi_captcha/views/fastapi_endpoint_views.xml b/fastapi_captcha/views/fastapi_endpoint_views.xml
new file mode 100644
index 000000000..21b6bcde1
--- /dev/null
+++ b/fastapi_captcha/views/fastapi_endpoint_views.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!--
+    Copyright 2025 Akretion (http://www.akretion.com).
+    @author Florian Mounier <florian.mounier@akretion.com>
+    License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+-->
+<odoo>
+
+
+    <record id="fastapi_endpoint_form_view" model="ir.ui.view">
+        <field name="model">fastapi.endpoint</field>
+        <field name="inherit_id" ref="fastapi.fastapi_endpoint_form_view" />
+        <field name="arch" type="xml">
+            <field name="save_http_session" position="after">
+                <field name="use_captcha" />
+            </field>
+            <group name="resoures" position="after">
+                <group
+                    name="captcha"
+                    attrs="{'invisible': [('use_captcha', '=', False)]}"
+                >
+                    <field
+                        name="captcha_type"
+                        attrs="{'required': [('use_captcha', '=', True)]}"
+                    />
+                    <field
+                        name="captcha_secret_key"
+                        attrs="{'required': [('use_captcha', '=', True)]}"
+                    />
+                    <field name="captcha_routes_regex" />
+                    <field
+                        name="captcha_custom_verify_url"
+                        attrs="{'invisible': [('captcha_type', '!=', 'altcha')]}"
+                    />
+                    <field name="captcha_minimum_score" />
+                </group>
+            </group>
+        </field>
+    </record>
+
+</odoo>
diff --git a/fastapi_captcha_altcha_backend/README.rst b/fastapi_captcha_altcha_backend/README.rst
new file mode 100644
index 000000000..43a6f9f0a
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/README.rst
@@ -0,0 +1,93 @@
+==============================
+Fastapi Captcha Altcha Backend
+==============================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:e97f2c1f5989e99007440eecfb45f75fb664da90312dfd68b8a61d8a321305c1
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
+    :target: https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha_altcha_backend
+    :alt: OCA/rest-framework
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_captcha_altcha_backend
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=16.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module adds Altcha service as a FastApi router and add local Altcha
+verification as a captcha method.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+Add the altcha router in your FastAPI application to enable the Altcha
+captcha verification. Get the challenge from the /altcha/challenge
+endpoint. Choose the altcha_local captcha type in your FastAPI endpoint
+configuration.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_captcha_altcha_backend%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* Akretion
+
+Contributors
+------------
+
+- Florian Mounier florian.mounier@akretion.com
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-paradoxxxzero| image:: https://github.com/paradoxxxzero.png?size=40px
+    :target: https://github.com/paradoxxxzero
+    :alt: paradoxxxzero
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-paradoxxxzero| 
+
+This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha_altcha_backend>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/fastapi_captcha_altcha_backend/__init__.py b/fastapi_captcha_altcha_backend/__init__.py
new file mode 100644
index 000000000..9ef814457
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/__init__.py
@@ -0,0 +1,2 @@
+from . import models
+from . import routers
diff --git a/fastapi_captcha_altcha_backend/__manifest__.py b/fastapi_captcha_altcha_backend/__manifest__.py
new file mode 100644
index 000000000..f114feecf
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/__manifest__.py
@@ -0,0 +1,23 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Fastapi Captcha Altcha Backend",
+    "version": "16.0.1.0.0",
+    "author": "Akretion, Odoo Community Association (OCA)",
+    "summary": "Implement Altcha server in FastAPI",
+    "category": "Tools",
+    "depends": ["fastapi_captcha"],
+    "website": "https://github.com/OCA/rest-framework",
+    "data": [],
+    "maintainers": ["paradoxxxzero"],
+    "demo": [],
+    "installable": True,
+    "license": "AGPL-3",
+    "external_dependencies": {
+        "python": [
+            "altcha",
+        ]
+    },
+}
diff --git a/fastapi_captcha_altcha_backend/models/__init__.py b/fastapi_captcha_altcha_backend/models/__init__.py
new file mode 100644
index 000000000..b825fab92
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/models/__init__.py
@@ -0,0 +1 @@
+from . import fastapi_endpoint
diff --git a/fastapi_captcha_altcha_backend/models/fastapi_endpoint.py b/fastapi_captcha_altcha_backend/models/fastapi_endpoint.py
new file mode 100644
index 000000000..b567d5bf5
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/models/fastapi_endpoint.py
@@ -0,0 +1,48 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import _, fields, models
+from odoo.exceptions import AccessError, UserError, ValidationError
+
+try:
+    import altcha
+    from altcha import verify_solution
+except ImportError:
+    altcha = None
+
+
+class FastapiEndpoint(models.Model):
+    _inherit = "fastapi.endpoint"
+
+    captcha_type = fields.Selection(
+        selection_add=[
+            ("altcha_local", "Altcha (Local)"),
+        ],
+    )
+
+    def validate_captcha(self, captcha_response):
+        """Validate the captcha response."""
+        super().validate_captcha(captcha_response)
+        secret_key = self.captcha_secret_key
+        if self.captcha_type == "altcha_local":
+            if not altcha:
+                raise UserError(_("Altcha library is not installed."))
+            return self._validate_altcha_local(captcha_response, secret_key)
+
+    def _validate_altcha_local(self, captcha_response, secret_key):
+        """Validate the altcha"""
+
+        try:
+            # Verify the solution
+            verified, err = verify_solution(captcha_response, secret_key, True)
+            if not verified:
+                raise AccessError(
+                    _("Altcha validation failed: %(error)s") % {"error": err}
+                )
+
+            return
+        except Exception as e:
+            raise ValidationError(
+                _("Failed to process Altcha payload: %(error)s") % {"error": str(e)}
+            ) from e
diff --git a/fastapi_captcha_altcha_backend/readme/CONTRIBUTORS.md b/fastapi_captcha_altcha_backend/readme/CONTRIBUTORS.md
new file mode 100644
index 000000000..328a37da8
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/readme/CONTRIBUTORS.md
@@ -0,0 +1 @@
+- Florian Mounier <florian.mounier@akretion.com>
diff --git a/fastapi_captcha_altcha_backend/readme/DESCRIPTION.md b/fastapi_captcha_altcha_backend/readme/DESCRIPTION.md
new file mode 100644
index 000000000..b3c83e3c5
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/readme/DESCRIPTION.md
@@ -0,0 +1,2 @@
+This module adds Altcha service as a FastApi router and add local Altcha verification as
+a captcha method.
diff --git a/fastapi_captcha_altcha_backend/readme/USAGE.md b/fastapi_captcha_altcha_backend/readme/USAGE.md
new file mode 100644
index 000000000..e4f7a0714
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/readme/USAGE.md
@@ -0,0 +1,3 @@
+Add the altcha router in your FastAPI application to enable the Altcha captcha
+verification. Get the challenge from the /altcha/challenge endpoint. Choose the
+altcha_local captcha type in your FastAPI endpoint configuration.
diff --git a/fastapi_captcha_altcha_backend/routers/__init__.py b/fastapi_captcha_altcha_backend/routers/__init__.py
new file mode 100644
index 000000000..dfff867b8
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/routers/__init__.py
@@ -0,0 +1 @@
+from .altcha import altcha_router
diff --git a/fastapi_captcha_altcha_backend/routers/altcha.py b/fastapi_captcha_altcha_backend/routers/altcha.py
new file mode 100644
index 000000000..6e2a9309c
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/routers/altcha.py
@@ -0,0 +1,46 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+import datetime
+from typing import Annotated
+
+from odoo import _
+from odoo.exceptions import AccessDenied, ValidationError
+
+from odoo.addons.fastapi.dependencies import fastapi_endpoint
+from odoo.addons.fastapi.models import FastapiEndpoint
+
+from fastapi import APIRouter, Depends
+
+try:
+    import altcha
+    from altcha import ChallengeOptions, create_challenge
+except ImportError:
+    altcha = None
+
+from ..schemas import AltchaChallenge
+
+altcha_router = APIRouter(tags=["altcha"])
+
+
+@altcha_router.get("/altcha/challenge")
+def altcha_challenge(
+    endpoint: Annotated[FastapiEndpoint, Depends(fastapi_endpoint)],
+) -> AltchaChallenge:
+    if not altcha:
+        raise ValidationError(_("Altcha library is not installed."))
+    secret_key = endpoint.sudo().captcha_secret_key
+    if not secret_key:
+        raise ValidationError(_("Captcha secret key is not set for this endpoint."))
+
+    try:
+        challenge = create_challenge(
+            ChallengeOptions(
+                expires=datetime.datetime.now() + datetime.timedelta(minutes=5),
+                hmac_key=secret_key,
+                max_number=50000,
+            )
+        )
+        return AltchaChallenge.from_challenge(challenge)
+    except Exception as e:
+        raise AccessDenied(_("Failed to create Altcha challenge.")) from e
diff --git a/fastapi_captcha_altcha_backend/schemas.py b/fastapi_captcha_altcha_backend/schemas.py
new file mode 100644
index 000000000..8de165f72
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/schemas.py
@@ -0,0 +1,23 @@
+# Copyright 2025 Akretion (http://www.akretion.com).
+# @author Florian Mounier <florian.mounier@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from extendable_pydantic import StrictExtendableBaseModel
+
+
+class AltchaChallenge(StrictExtendableBaseModel):
+    algorithm: str
+    challenge: str
+    max_number: int
+    salt: str
+    signature: str
+
+    @classmethod
+    def from_challenge(cls, challenge):
+        return cls.model_construct(
+            algorithm=challenge.algorithm,
+            challenge=challenge.challenge,
+            max_number=challenge.max_number,
+            salt=challenge.salt,
+            signature=challenge.signature,
+        )
diff --git a/fastapi_captcha_altcha_backend/static/description/index.html b/fastapi_captcha_altcha_backend/static/description/index.html
new file mode 100644
index 000000000..44dba5cb5
--- /dev/null
+++ b/fastapi_captcha_altcha_backend/static/description/index.html
@@ -0,0 +1,434 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
+<title>Fastapi Captcha Altcha Backend</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+Despite the name, some widely supported CSS2 features are used.
+
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: gray; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic, pre.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="fastapi-captcha-altcha-backend">
+<h1 class="title">Fastapi Captcha Altcha Backend</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:e97f2c1f5989e99007440eecfb45f75fb664da90312dfd68b8a61d8a321305c1
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha_altcha_backend"><img alt="OCA/rest-framework" src="https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_captcha_altcha_backend"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p>This module adds Altcha service as a FastApi router and add local Altcha
+verification as a captcha method.</p>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#usage" id="toc-entry-1">Usage</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="toc-entry-2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="toc-entry-3">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="toc-entry-4">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="toc-entry-5">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="toc-entry-6">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="usage">
+<h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
+<p>Add the altcha router in your FastAPI application to enable the Altcha
+captcha verification. Get the challenge from the /altcha/challenge
+endpoint. Choose the altcha_local captcha type in your FastAPI endpoint
+configuration.</p>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/rest-framework/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_captcha_altcha_backend%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
+<div class="section" id="authors">
+<h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
+<ul class="simple">
+<li>Akretion</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
+<ul class="simple">
+<li>Florian Mounier <a class="reference external" href="mailto:florian.mounier&#64;akretion.com">florian.mounier&#64;akretion.com</a></li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org">
+<img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
+</a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>Current <a class="reference external" href="https://odoo-community.org/page/maintainer-role">maintainer</a>:</p>
+<p><a class="reference external image-reference" href="https://github.com/paradoxxxzero"><img alt="paradoxxxzero" src="https://github.com/paradoxxxzero.png?size=40px" /></a></p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/rest-framework/tree/16.0/fastapi_captcha_altcha_backend">OCA/rest-framework</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/requirements.txt b/requirements.txt
index 7d14583d3..c106267bc 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,6 @@
 # generated from manifests external_dependencies
 a2wsgi>=1.10.6
+altcha
 apispec
 apispec>=4.0.0
 cerberus
diff --git a/setup/fastapi_captcha/odoo/addons/fastapi_captcha b/setup/fastapi_captcha/odoo/addons/fastapi_captcha
new file mode 120000
index 000000000..2bbba3b2f
--- /dev/null
+++ b/setup/fastapi_captcha/odoo/addons/fastapi_captcha
@@ -0,0 +1 @@
+../../../../fastapi_captcha
\ No newline at end of file
diff --git a/setup/fastapi_captcha/setup.py b/setup/fastapi_captcha/setup.py
new file mode 100644
index 000000000..28c57bb64
--- /dev/null
+++ b/setup/fastapi_captcha/setup.py
@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)
diff --git a/setup/fastapi_captcha_altcha_backend/odoo/addons/fastapi_captcha_altcha_backend b/setup/fastapi_captcha_altcha_backend/odoo/addons/fastapi_captcha_altcha_backend
new file mode 120000
index 000000000..8227fb4c2
--- /dev/null
+++ b/setup/fastapi_captcha_altcha_backend/odoo/addons/fastapi_captcha_altcha_backend
@@ -0,0 +1 @@
+../../../../fastapi_captcha_altcha_backend
\ No newline at end of file
diff --git a/setup/fastapi_captcha_altcha_backend/setup.py b/setup/fastapi_captcha_altcha_backend/setup.py
new file mode 100644
index 000000000..28c57bb64
--- /dev/null
+++ b/setup/fastapi_captcha_altcha_backend/setup.py
@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)