KKliently

Controlling what each client can see

Client portal · 4 min read

Granular per-client visibility, access control, and link rotation — how to show each client exactly what's relevant and nothing that isn't.

Not every client should see the same portal. A long-term retainer client who never gets a fresh proposal doesn't need a proposals tab cluttering their view. A client on a single fixed-price contract doesn't need to browse a history of invoices. Granular visibility lets you tailor the client portal per person, so each one opens a space that shows what's relevant to them and nothing that isn't. The result is a cleaner experience for the client and fewer awkward questions for you. Here's how to think about it and set it up.

The four areas you control

The portal exposes four areas, and you choose which ones each client sees:

  • Proposals — documents to review and accept.

  • Contracts — agreements to sign.

  • Invoices — bills to pay.

  • Project status — where their work currently stands.

Visibility is set per client, not globally. Two clients can log into portals that look meaningfully different, each shaped to the relationship you actually have with them.

Match the view to the relationship

The simplest rule: show the areas a client uses, hide the ones they don't. A few common shapes:

  1. New client, mid-pitch. Proposals and contracts on; invoices and status off until the work actually starts. They see exactly the decision in front of them.

  2. Active project client. Contracts, invoices, and status on; proposals off, since there's nothing new to pitch. Their portal is about the live engagement.

  3. Retainer client. Invoices and status on; proposals off, and contracts hidden once the agreement is signed. A clean monthly view of what they're paying for and how it's going.

  4. One-off, fixed-price client. Just the contract to sign and the single invoice to pay. No need to surface a status tab for a job that's effectively a single deliverable.

None of these are rules you have to follow — they're starting points. The instinct to trust is that every visible area is something the client has to make sense of, so hiding the irrelevant ones is a kindness, not a restriction.

Access control: turning a client on and off

Visibility decides what a client sees; access control decides whether they get in at all. You can disable a client's access entirely — useful the moment an engagement ends, when you want the relationship archived rather than live. The data isn't deleted; the door is simply closed. When you re-engage later, you can switch access back on without rebuilding anything.

This pairs naturally with how clients sign in. Because access runs through a magic link rather than a shared password, switching a client off cleanly cuts their entry — there's no lingering credential floating around that you have to remember to revoke.

Sometimes a client forwards their portal link to someone you didn't intend — an assistant, a colleague, a wider distribution list. When that happens, rotate the link. Rotation invalidates the old link and issues a fresh one, so anyone holding the previous version loses access while your client simply gets a new way in. It's the portal equivalent of changing a lock: low-drama, instant, and worth doing the moment you're unsure who's holding the old key.

Visibility for your team, not just clients

Per-client visibility handles what your clients see. A related layer handles what your own people see. Kliently's roles — owner, admin, member, and contractor — come with enforced permission walls: a contractor sees only their own projects and time, never your client lists, your margins, or your invoices. So when you bring in a contractor for one project, you're not exposing the rest of your book. Together, client-facing visibility and internal permission walls mean every person — client or collaborator — sees a view scoped to exactly what they should.

A quick setup checklist

  • For each client, decide which of the four areas are actually relevant and switch off the rest.

  • Disable access the moment an engagement formally ends, rather than leaving stale portals open.

  • Rotate a link as soon as you suspect it's been forwarded beyond the intended person.

  • Lean on role-based permission walls so contractors never see client-level data in the first place.

Spend a minute on visibility when you set each client up, and the payoff is ongoing: every client opens a portal that feels considered and private, you never expose more than the relationship warrants, and the controls to tighten or close access are always one click away.