Customer Portal for Invoices
Give customers secure, account-free access to invoices and quotes. Each portal link is tokenised, expires automatically, and includes a built-in payment flow.
Security at a glance
- One-click access—no passwords or accounts required.
- 32-character secure token unique to each document.
- Links expire automatically after 30 days (unless refreshed).
- View-only access by default; customers can’t edit records.
- Stripe Checkout handles any payments so card data never touches Toolfy.
Share portal links
Invoices
- Open the invoice you want to share.
- Click Send to customer.
- Choose Email, SMS, or Copy link. Toolfy generates a secure portal link immediately.
- Send—your customer now has self-service access with a Pay now button.
Quotes
- Open the quote and select Send quote.
- Pick Email, SMS, or copy the portal link.
- Customers can review the breakdown, accept online, add a signature, or leave a comment.
Delivery options
- Email: Sends a full email with branding, summary, and the portal link.
- SMS: Delivers a shortened link (automatic on Team/Business; Solo plans can copy to their own SMS).
- Copy link: Paste the secure link into WhatsApp, chat, or your own email client.
What customers see
Invoice portal
- Your branding, contact details, and invoice status badge.
- Invoice number, issue date, due date, and outstanding balance.
- Line items, tax, and a running subtotal.
- Pay now button that launches Stripe Checkout.
- Download PDF and view payment history (including partial payments).
Quote portal
- Quote reference, creation date, and validity window.
- Detailed services including optional line items.
- Buttons to Accept quote, add a signature, or leave a note.
- Activity log showing views and acceptance time.
Regenerate or expire links
Regenerate link
- Open the invoice or quote.
- Click Portal settings.
- Select Regenerate link.
- The previous link stops working immediately; resend the new link to your customer.
Regenerating invalidates all previously sent links—remember to resend the new one to your customer.
- Portal links expire 30 days after they’re generated.
- Customers see “This link has expired” if they visit an old token.
- Click Resend to create a fresh 30-day link.
- Paid invoices remain viewable for customer records, even after payment.
Customer payment flow
- Customer opens the portal link from email or SMS.
- Reviews the invoice and taps Pay now.
- Stripe Checkout opens in a new tab for secure payment.
- Customer receives a Stripe receipt and you’re notified.
- Funds land in your Stripe account according to your payout schedule.
Tip: Customers never need to create a login, removing friction so you get paid faster.
Customise the portal
Branding
- Settings → Branding → Upload your logo (PNG/JPG up to 2 MB).
- Choose brand colours and update business details.
- Changes apply across all portal pages, emails, and PDFs.
Payment terms & messaging
- Settings → Payments → Payment terms.
- Add late fee or warranty wording.
- Include bank transfer details if you accept offline payments.
Track portal activity
Open any invoice or quote and check the activity log to see:
- View count—how many times the customer opened the link.
- Last viewed timestamp.
- Payment attempts (started but not completed).
- Download logged when the PDF is saved.
Troubleshooting
Link not working
- Check whether the link expired (after 30 days).
- Ensure a new link wasn’t generated since sending.
- Confirm the entire URL—which includes the 32-character token—was copied.
- Resend from the invoice to create a fresh link.
Customer can’t pay
- Verify Stripe is connected in Settings → Payments & Payments.
- Make sure the invoice isn’t already marked as paid.
- Ask the customer to retry with a different card or browser.
- If issues persist, check Stripe Dashboard for declined payments.
Portal showing outdated information
- Refresh the invoice or quote page after making changes.
- Allow up to 30 seconds for cached data to update.
- If needed, clear the customer’s browser cache or resend the link.
Security note: Portal links are secure tokens but not password-protected. For highly sensitive documents, consider password-protecting the PDF before sending.