Turning on portal access
Portal access is off for every client by default. You decide, client by client, who gets in. This page covers enabling access, the invite, how clients sign in, the bulk-invite lane, and the “Sign in as client” view.

Turning a client on
Section titled “Turning a client on”On the client’s page, flip the Portal access toggle. Because this opens a real login to that client’s file, Fola asks you to confirm:
-
Flip the Portal access toggle on.
-
Confirm the client’s email. Fola shows the email the invite will go to and asks you to type or confirm it — a double-confirm so an invite never goes to the wrong address.
-
Fola enables access and queues the branded invite.
Every flip — on or off — is written to the activity log: who changed it, for which client, when. Turning access back off immediately revokes the client’s login.
The branded invite
Section titled “The branded invite”When access turns on, Fola sends the client a branded invite email — your firm’s logo, colors, and name, not Fola’s. It explains what the portal is and carries a one-time link to set their password and sign in for the first time.
How the client signs in
Section titled “How the client signs in”After the first sign-in, the client logs in with:
- Password — what they set from the invite link.
- Second factor — either an email code sent at sign-in, or Face ID on a supported device.
The second factor keeps a client’s immigration file behind more than just a password, which matters for the kind of data the portal holds.
Bulk invite lane
Section titled “Bulk invite lane”Bringing a whole caseload online at once? Use the bulk invite lane instead of toggling clients one at a time:
- Select the clients you want to enable.
- Fola confirms the email on file for each.
- Enable and send all the branded invites in one pass.
Every invite in a bulk run is audited the same as a single toggle.
Sign in as client
Section titled “Sign in as client”When a client is stuck — “I can’t find the upload button” — open Sign in as client to see the portal exactly as they do.
- The session is read-only on uploads — you can see what they see, but you can’t upload documents or submit on their behalf.
- The impersonation is audited: who signed in as which client, and when.
Was this page helpful?
Thanks — noted.