Albaspot Albaspot
Features Pricing Tools Blog Docs About FAQ Contact
Sign in Get started
All features

Client Portal & Developer Access

Each of your clients gets their own login, their own view, and their own access controls — without any visibility into other clients' data.

Client-isolated login3 client rolesDMARC visibility2FA supportDNS management

WHY A CLIENT PORTAL

Give clients visibility without creating overhead

Without a client portal, managed services depend on you passing information manually — screenshots, email threads, or screen shares during calls. With the Albaspot client portal, clients can check their own domain status, DMARC pass rates, and SSL health without contacting you.

The visibility doesn't reduce your value — it demonstrates it. Clients who can see that their DMARC is at p=reject and their SSL is valid for another 280 days are clients who understand what you're doing for them.

Albaspot is not white-labelled. Clients log in at app.albaspot.com and see Albaspot branding. If white-label client portals are a requirement, Albaspot is not the right fit.

Acme Corp — Client Portal
Logged in as: jane@acmecorp.com
4 domains
3 active · 1 expiring soon
47 DNS records
across 4 zones
DMARC: enforced
p=reject on 3 domains
2 websites
both online

WHAT CLIENTS SEE

Their resources only — nothing else

Clients log in with their own credentials and see only the resources you have assigned to them — no visibility into other clients' domains, websites, or DNS records.

  • Dashboard with an overview of their domains, DNS, and websites
  • Domain list with registration status, expiry dates, and SSL health
  • DNS records for their domains (read or write, depending on role)
  • DMARC reports and pass/fail summary for their domains
  • Websites assigned to their account
  • Activity log scoped to their own actions

CLIENT-INVITED USERS

Clients can invite their own team members

Clients can send invitations to their own developers, marketing staff, or other team members directly from the client portal. You set the boundaries — clients manage their team within those boundaries.

01

Client Admin

Full access to their client's resources. Can manage DNS records, view DMARC reports, and manage websites. Can invite other client users.

02

Developer

DNS record read/write access for the client's domains. Can add, edit, and delete records. Cannot modify hosting configuration or DMARC policies.

03

Viewer

Read-only access to domains, DNS health, and DMARC pass/fail summaries. Useful for marketing teams who need to verify domain ownership or check email security status.

MSP-ONLY ACTIONS

What clients cannot do

The client portal provides visibility and limited management capability. A number of sensitive actions remain MSP-only by design.

Transfer or delete domains (MSP team only)
Change or reset billing information
View any other client's data or resources
Access MSP-level monitoring alerts
Modify DNS templates used by the MSP team
Remove MSP team members or change their access

AUTHENTICATION

Secure authentication for client users

The client portal uses its own authentication system, separate from your MSP team login. Client users can enable two-factor authentication and generate backup codes. Sessions are scoped to their client context.

Two-factor authentication (2FA) available for all client users
Backup codes for 2FA recovery
Invitation links expire — cannot be used more than once
MSP team can revoke client user access at any time

How this connects to MSP access control

The client portal is one tier of a three-tier access model. Your MSP team uses Owner, Admin, and Member roles with scoped permissions. Clients can never see MSP team details or other clients.

MSP Access Control

Give your clients real visibility

Set up a client, invite their team, and let them see exactly what they need — nothing more.

Start free trial See pricing