Vendor Portal Overview
What is the Vendor Portal?
The Vendor Portal allows vendors to:
Complete questionnaires: Respond to security questionnaires sent by your organization.
Upload resources: Share certifications, audit reports, and other supporting documents.
Support remediation: Respond to remediation requests and provide evidence of corrective actions.
Access modes
The Vendor Portal supports two access modes:
Public access (recommended): Vendors receive a direct link to a specific request. No authentication is required.
Private access: Vendors sign in through a magic link to access a secure portal. They can also invite other users from the same company domain.
We recommend using Public access to minimize friction, and switching to Private access only if the vendor requests it or when remediation actions are needed.
In public access mode, once a questionnaire or resource has been submitted, it cannot be reopened.
Private access management
In private mode, you, as the client, manage access to the portal.
A vendor user such as [email protected] can invite [email protected], but not [email protected]. To grant access to an external user, they need to contact you.
You can always see who has access to the portal from Vendor Profile > Resources > Share Portal.
With private access, authenticated vendors can access a Vendor Inbox that centralizes requests from different customers. They can switch between customer spaces directly within the portal.
Magic link
To access the portal:
• The vendor receives an email containing a magic link.
• Clicking the link signs them in and opens the portal.
• Once signed in, they can access their inbox and switch between customer spaces.