Customer Portal
Calmony Pay includes a hosted customer portal that gives your end-users a self-service page to view their invoices and manage their payment details — no account or login required.
Overview
The portal is served at:
GET /portal/:token
Each token is unique to a single customer and has a 24-hour expiry. Once expired, a new token must be issued and shared with the customer.
The portal is fully public (no authentication headers required) and is intended to be linked to from emails, billing notifications, or your own application UI.
Features
Invoice list & PDF downloads
The portal displays all invoices associated with the customer. Each invoice can be downloaded as a PDF directly from the page.
Active subscriptions
A summary of the customer's currently active subscriptions is shown, with plan details visible at a glance.
Card update form
Customers can update their saved card details using a form powered by Cardstream Hosted tokenisation. Card data is handled entirely by Cardstream and is never transmitted through or stored by Calmony Pay.
Token lifecycle
| Property | Value |
|---|---|
| Scope | One token per customer |
| Expiry | 24 hours from issuance |
| Authentication | None — the token itself grants access |
Because the token grants unauthenticated access to customer-specific data, treat portal links as sensitive. Issue tokens only when needed (e.g. in response to a customer request or as part of a transactional email) and avoid logging or caching them.
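One way to keep portal links out of application logs, as an added example (not Calmony Pay code): a Python logging filter that redacts the token segment of `/portal/:token` before a record is written. The token character set, the `pay.example.test` host and the sample token values are assumptions constructed for illustration.

```python
import logging
import re
import sys

# Path shape from this page: /portal/:token. The token alphabet is an
# assumption: everything up to the next /, ?, #, quote, bracket or whitespace.
_PORTAL_TOKEN = re.compile(r"(/portal/)[^/?#\s\"'<>]+")
REDACTED = "[REDACTED]"


def redact_portal_tokens(text: str) -> str:
    """Replace the token segment of every portal link found in text."""
    return _PORTAL_TOKEN.sub(r"\1" + REDACTED, text)


class PortalTokenFilter(logging.Filter):
    """Scrub portal tokens from a record's message and its arguments."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first, so a token passed as an argument is caught.
        record.msg = redact_portal_tokens(record.getMessage())
        record.args = ()
        return True  # keep the record, now redacted


def make_logger(name: str, handler: logging.Handler) -> logging.Logger:
    """Filter at the handler so records from child loggers are scrubbed too."""
    handler.addFilter(PortalTokenFilter())
    logger = logging.getLogger(name)
    logger.addHandler(handler)
    logger.setLevel(logging.INFO)
    logger.propagate = False
    return logger


if __name__ == "__main__":
    log = make_logger("billing", logging.StreamHandler(sys.stdout))
    # Constructed sample values; not real tokens or hosts.
    log.info("emailed %s", "https://pay.example.test/portal/tok_CONSTRUCTED123")
    log.info('"GET /portal/tok_CONSTRUCTED123?utm=mail HTTP/1.1" 200')
```

The filter only covers Python's `logging`; any other place in your stack that records URLs containing portal links needs the same redaction.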
Security considerations
- Tokens expire automatically after 24 hours — you do not need to revoke them manually in normal circumstances
- The Cardstream Hosted tokenisation form means raw card numbers are never processed by your servers
- Each token is scoped to a single customer; there is no cross-customer data exposure