Use cases
Build client portals with AI-assisted engineering
Replace the email-and-attachments delivery process with a branded portal your clients log into — built as real code you own, on your own domain.
Ciao is an AI-assisted engineering platform for building client portals — branded, logged-in spaces where clients track projects, exchange files, approve deliverables and pay invoices. Unlike template portal products, Ciao generates a real React, TypeScript and Supabase application shaped to your delivery process, with per-client data isolation, an audit trail on approvals, governed changes and deployment to your own domain and cloud.
Published 2026-07-03 · Last updated 2026-07-03
What a client portal replaces
A client portal is a branded, logged-in space where your clients see project status, exchange files, approve deliverables and settle invoices. It exists to replace the delivery process most service firms actually run: long email threads, attachments named final_v7, and a weekly call that starts with "where are we on everything?"
Firms that run delivery through a portal answer fewer status questions, get approvals with timestamps instead of buried replies, and stop resending files. Clients get one URL that always shows the truth. The obstacle has never been wanting one — it has been that custom software was too expensive for a services margin, and off-the-shelf portals force your process into their template on someone else's domain.
Ciao changes the economics. You describe your delivery process — how projects move, what clients see, what needs sign-off — and Ciao builds the portal as a real React, TypeScript and Supabase application. Your brand, your domain, your workflow, your code.
What a client portal actually requires
- Client and organization accounts — A client is a company with several users — each signs in separately but sees only their organization's projects.
- Simple client sign-in — One-time email links or passwords for clients, SSO for your own staff. Clients will not enroll in your identity provider.
- Per-client data isolation — Row-level rules in the backend so client A can never query client B's records — enforced in the database, not hidden in the UI.
- Project and status objects — Projects, milestones and deliverables with explicit states: in progress, in review, approved, delivered.
- File exchange — Versioned uploads with previews and comments, so "which file is current" stops being a question.
- Approvals with a record — Clients approve deliverables in the portal; the record shows who approved what, when, and which version.
- Invoices and payments — Deposits and invoices payable inside the portal through a payment integration, tied to the project record.
- Notifications — Action-needed emails for clients, Slack alerts for your team when something is approved, rejected or overdue.
- Your brand throughout — Your logo, colors and domain — the portal reads as your product, not a third-party tool.
How a portal build runs on Ciao
1. Describe your delivery process
How work moves from kickoff to sign-off, what clients should see at each stage, and what stays internal.
2. Generate the data model and auth
Ciao builds the Supabase schema — organizations, users, projects, deliverables — with row-level isolation and client sign-in from the start.
3. Apply your brand
Import designs from Figma or describe the look; because the output is real React and Tailwind, nothing about the brand is off-limits.
4. Test the client-facing paths
QA replays the flows a client will hit — sign-in, download, approve, pay — and gates every publish behind smoke tests.
5. Govern the sensitive areas
Guardrails maps payments and client-data code into protected areas, applies plain-English policies and records review on risky changes.
6. Deploy on your domain
Ciao cloud or your own AWS, Azure or GCP account — the portal lives at portal.yourfirm.com, not a vendor subdomain.
7. Evolve it client by client
New deliverable types, new reports, a new service line — described in plain language, shipped through the same governed loop.
Security and governance checklist
- ✓ Row-level data isolation between client organizations, enforced in the backend
- ✓ Separate permission tiers for clients, client admins and your own staff
- ✓ Append-only audit trail behind approvals, merges, deploys and admin actions
- ✓ Guardrails review on any change touching payments or client data
- ✓ Security testing with access-control probes confirmed against the live app
- ✓ QA smoke gates before every publish to a client-facing surface
- ✓ Client files stored with scoped access, not shared links that leak
- ✓ Full code export available — the portal is yours if you ever leave
Client portal variations
Agency campaign portal
Campaign status, creative approvals with version history, performance snapshots and invoices in one branded space.
Accounting client portal
Document requests with checklists, secure uploads, filing status and engagement letters — no more sensitive PDFs over email.
Law firm matter portal
Matter status, document exchange and billing visibility for clients — workflow tooling for the firm, not legal advice.
Construction project portal
Milestones, site photos, change orders with client sign-off, and payment schedules tied to progress.
Consulting engagement portal
Deliverables, meeting notes, decision logs and a running view of scope against the statement of work.
MSP service portal
Ticket visibility, asset lists, maintenance windows and renewals for every managed client.
Portal requirements, covered
| Requirement | How Ciao covers it |
|---|---|
| Clients see only their own data | Row-level security rules generated into the Supabase backend |
| Multiple users per client | Organization accounts with per-user roles and invitations |
| Approvals that hold up later | Timestamped approval records behind an append-only audit trail |
| Payments in the portal | One-click payments integration through Blocks, tied to project records |
| Your brand and domain | Real React and Tailwind code, Figma import, deployed to your domain |
| Safe ongoing changes | Guardrails policy review plus QA replays on client-facing flows |
| Ownership | 100% code ownership — export the portal to your own repo at any time |
Frequently asked questions
Can each client organization have multiple users with different permissions?
Yes. Clients are modeled as organizations with individual users, and roles decide who can view, comment, approve or see billing. Your staff get their own tier with cross-client visibility.
How is one client's data kept away from another's?
Isolation is enforced with row-level security rules in the generated Supabase backend, so a query from client A physically cannot return client B's rows. Ciao's Security testing includes access-control probes that confirm this against the live app rather than assuming it from the code.
Can clients pay invoices inside the portal?
Yes. The payments Block adds provider-backed checkout for deposits and invoices, and payment status is recorded against the project so your team sees paid and overdue work in one place.
Can we white-label the portal completely?
Yes — the portal is your code on your domain, with no vendor badge. Agencies building portals for their own clients should also look at the Agency Build Grant, which is designed for exactly this kind of recurring client work.
What happens to the portal if we stop using Ciao?
You keep it. The portal is standard React, TypeScript and Tailwind on Supabase, exportable to your own repo at any time. Code ownership is 100% yours and customer code is never used to train models.
What does a client portal cost to run?
There is no per-client or per-seat meter — economics matter for firms with dozens of clients. Self-serve credits cover a first build; firms running client delivery on Ciao as a serious program start at USD 10,000 per year.