Orderverse DocsEntry Security
How the confirmation step and optional Strict Security Mode control buyer access to the order portal.
Overview
Every order portal link includes an entry security layer that controls what buyers see before the product catalogue loads. The default experience is a one-click welcome screen. An optional Strict Security Mode adds email verification for workspaces that need tighter access control.
Configure both settings in Configuration → Order Settings → Entry Security.
Confirmation step (default)
The confirmation step is always active. When a buyer opens an order link they see a short welcome screen before the catalogue appears:
| Link type | Heading shown |
|---|---|
| Customer link | Welcome back, {business name} |
| Workspace link | Welcome to {workspace name} |
The buyer taps or clicks Yes, Start Ordering (customer link) or Start your order (workspace link) and the catalogue loads immediately. No email address, password, or code is required.
When the confirmation screen is skipped:
- The buyer is returning from a Stripe payment page in the same session.
- The buyer is resuming a saved draft from the same browser session.
- An admin is previewing the portal from the dashboard.
Strict Security Mode
Strict Security Mode adds an email verification challenge before the portal opens. It is off by default and can be turned on in Configuration → Order Settings.
Customer link flow
- The buyer opens their unique customer link.
- A verification code is sent to the customer's saved email address.
- The portal shows four icon options. The buyer selects the one that matches the code word in the email.
- On a correct match the catalogue loads and a verified session is recorded.
The customer must have an email address saved in their profile for Strict Security Mode to work on their customer link. If no email is on file, the buyer sees a message to contact the supplier.
Workspace link flow
Because the workspace link is not tied to a specific customer, the buyer must identify themselves first:
- The buyer opens the workspace order link.
- They enter their email address.
- A verification code is sent to that address.
- The portal shows the four-icon image-match challenge.
- On a correct match the catalogue loads.
Image-match challenge
The challenge presents four icons (for example: Apple, Book, Camera, Leaf). The buyer's email
contains a code word such as Leaf. The buyer taps the matching icon to verify.
Each icon has a visible text label so the challenge does not rely on icon recognition alone.
| Scenario | Outcome |
|---|---|
| Correct icon selected | Portal opens; verified session recorded |
| Wrong icon selected | Error shown; buyer can try again |
| Code expired | Buyer can request a new code |
Choosing the right mode
| Mode | Best for |
|---|---|
| Confirmation only (default) | Most food-service, wholesale, and field-sales accounts. Fast entry with no friction for trusted buyers. |
| Strict Security Mode | Workspaces where price lists are sensitive, or where head-office buyers need confirmed identity before ordering. |
Strict Security Mode applies to both customer links and the workspace link. There is no per-customer override in the current release.
Tracking verification activity
The Customers → Activity page records confirmation and verification events per customer, including:
- Times the confirmation screen was seen and passed.
- Times a challenge was requested, verified, or failed.
See Customer Activity for the full reference.