Limit Profiles that can Login to the New Portal
We are enabling the new portal for Fund Advisor only for now. However, the portal does not LIMIT access to the portal to just Fund Advisor.
The portal currently allows anyone with an email address associated with a profile in our system to use the primary email and a pin to get into the portal and manage their contact information.
Is there a way to detect if the email entered is in our system and does NOT have a designation associated with an area we have enabled on the portal and then display a message that can be customized by us?
In our case, we would want to tell them that they do not have access to the donor portal at our foundation and to contact xxxx if they have questions. We would then customize the message as we open more areas of the portal.
We see this as a problem specifically for our grantees who often end up on our donor portal when they were trying to get to GLM. We do not want them to think that because they are seeing their profile, they should also be seeing grant applications.

-
Julie commented
Yes! This is going to be a significant issue for grantees that think they're logging into GLM and Board Members who think they're logging into the secure section of our website.
-
Sally Weldon commented
Also, the PIN login by anyone (owner, profile, grantee) doesn't log - so we can't see how much activity is going on in the system by the logins that bypass the login/password option. Each Portal tab or Profile Designation should have a toggle as to whether this type of login is allowed. Then a Profile with ONLY Grantee designation wouldn't have the option to "drop off" into the Profile record; they could, however, get a screen that there's not a portal activated at this time or, better, something we could customize. The entire idea of the PIN should be optional for us.
-
Susan Lotreck commented
I was not aware of this issue. We too will be enabling the portal for Fund Advisor only at this time.
-
Jenny C commented
I just implemented the new Portal and was very surprised to learn that ANY profile with an email address in CSuite can log in with a PIN. I even made a profile Inactive (in the Sandbox) and found it can still log in. This Portal access is a large extension of functionality from the Legacy Portal, far beyond us being able to decide whether only Fund Advisors, or Nonprofits, or Customers get access.
I don't recall this being talked about in the training video and I'm wondering if other CSuite users even know this is a thing.
-
Michelle Schneider commented
If you don't want to let Hackers know what email is valid / invalid, can you send an email with customized content informing them that they are not authorized to use the portal at this time (instead of sending a PIN)?