Client portal
A place clients manage themselves. With you in the loop.
Sign-in is a six-digit code to their email, no password, no app to install. Cancel, reschedule, download a receipt, check the credit balance. With auto-approve off, the salon decides; with it on, the client serves themselves.
Built for salons whose phone rings about reschedules more than new bookings. Once the portal is live, the calls drop.
01/
Email one-time code. No password, no app.
Sign-in is a six-digit code emailed to the client. It expires in 15 minutes and is SHA-256 hashed at rest. No password to forget, no app to download, no friction. The first send goes to whichever email is on the client's record; subsequent sessions reuse it.
Code in the body, not the subject.
The six-digit code is never in the subject line so an inbox preview on a lock screen can't leak it.
15-minute expiry.
Short enough that a stale code in someone's inbox stops being a risk by the next morning.
SHA-256 at rest.
The code is hashed before it lands in the database; the plaintext only exists in the email and in the client's session.
Salon-scoped sessions.
A client who books at multiple salons keeps separate sessions. Each salon's portal is its own surface; data doesn't leak across tenants.
02/
Multi-salon picker for the clients who shop around.
If a client's email is on file at more than one Flowesce-using salon, the post-OTP screen shows a picker. The client picks the salon and the session scopes to it. The salons don't see each other's data; the client gets the convenience of one inbox, one sign-in code.
03/
Overview, appointments, packages, receipts.
Four pages at /account. Overview shows the next appointment and the credit balance. Appointments shows past and upcoming with one-click cancel and reschedule. Packages lists active credit packages with remaining balances and expiry. Receipts gives a downloadable PDF per past appointment, the same one staff see in the admin.
Next appointment card.
Date, time, service, staff, branch. Deep-link to cancel or reschedule.
Past appointments list.
History with one-click rebook (deep-links back into your public booking page with the service prefilled).
Active packages.
Sessions left, expiry, last redemption. Useful for the client who can't remember if they have visits left.
Receipt PDF download.
Per-appointment, A4, with service / tip / tax / deposit / balance broken out. Useful for HSA / FSA, weddings, business expense claims.
04/
Cancel and reschedule with staff in the loop.
Default behaviour: clients submit a request, the new Requests page in your admin shows pending asks for a manager to approve or decline. Approving runs the actual change with the same race-safe slot check the public booking page uses, sends the client a confirmation email, and fires a bell to managers and the assigned staff. Withdrawing a pending request is one click for the client.
Requests admin page.
Pending cancel and reschedule asks in one inbox. Approve, decline, or reschedule to a different time the client didn't pick.
Race-safe approval.
Approval runs against the same Postgres exclusion constraint as a normal booking. Two simultaneous approvals on the same slot, only one wins.
Confirmation email on approval.
The client gets the same booking-confirmation shape so the new time lands in their inbox the moment it's approved.
Bell to managers + assigned staff.
The change fires a notification so the calendar stays in sync without anyone having to refresh.
05/
Auto-approve when you trust your clients.
Salon-wide setting under Settings → Business → Booking preferences. Flip it on and cancel and reschedule requests run immediately. Rows are still written with status APPROVED so the audit trail stays complete. The right shape for repeat-client salons that don't want the touch-points; the right shape OFF for medspa or high-stakes-service salons.
06/
The portal respects the booking policy.
Cancel and reschedule cutoffs from your booking policy apply to portal actions the same way they apply to the public booking page. Inside the cutoff window, the cancel button says "your card will be charged the late-cancel fee" with the dollar amount. The reschedule button blocks past the cutoff with a polite explanation and a Cancel instead button. No surprise charges.
Common questions
Honest answers, including the ones we don't love.
Can a client book a new appointment from the portal?
The Rebook button deep-links them into the public booking page with the service prefilled. We didn't build a separate booking flow inside the portal because the public flow is the most polished surface and we want the two paths to share a single bug-fix surface.
What if the client doesn't get the email?
The portal sign-in page has a Resend code button. We send through Resend with bounce and complaint webhook handling; if the address is bouncing the salon can see it on /marketing/email-log and reach out by phone.
Does the portal show forms the client needs to fill?
The forms today email a tokenized completion link directly to the client. The portal surfaces appointment status, packages, and receipts. Folding outstanding forms into the portal overview is on the post-launch list; it's a natural next step.
Can a client opt out of marketing from the portal?
Today opt-out goes through the unsubscribe link in any marketing email and through staff updating the client record. A self-serve communication-preferences page in the portal is on the post-launch list.
Is the portal mobile-friendly?
Yes. The pages were designed mobile-first (same constraint as the public booking page). Clients hit it from a phone; the typography, the touch targets, and the action confirmations all read clean on a small screen.
Pairs well with
Fourteen days. No card.
Try Flowesce on a real Saturday.
No card required, no auto-charge at the end. If Flowesce isn't for you, export everything in one click and walk.