Most MSP platforms either have no client-facing portal, or they have a generic "submit a ticket here" page that's clearly not yours. Morton Command Center includes a full white-label portal — separate subdomain, separate bundle, separate auth — that lives on your domain, shows your logo, and exposes exactly the features you decide to share with each client. Nothing more, nothing less. Which tabs your clients see, which integrations feed them, and how the portal is branded are all custom-built around your exact stack during your engagement — the portal arrives configured for the tools you actually run, not a rigid template you have to bend yourself into.
Branded, white-label, per-tenant
- Lives at
portal.yourdomain.com(or whatever subdomain you pick) — not a shared marketing page. - Your logo at the top, your gradient colors throughout, your contact info in the footer.
- You pre-create client accounts and email invites, or clients register via a magic-link invite — passwords and Google sign-in supported. Access is restricted to accounts you approve.
- Multi-company portfolio support — clients who manage IT for multiple sub-companies switch between them with a picker.
Per-feature operator toggles
Settings → Customer Portal exposes 20+ granular feature toggles organized into 9 tab groups: Overview, Work, Maintenance, Security, Backup, Invoices, Contacts, Licenses & Renewals, Email Preferences. Each toggle controls a specific card. Disable the parent tab to hide every card under it. Roll features out to high-tier clients before low-tier clients by leaving the toggle off until you're ready.
- Overview — monthly bill summary, active services count, open tickets count, contract terms.
- Work — included vs billable work breakdown with per-ticket status + hours.
- Maintenance — automated maintenance history from your RMM (we build your RMM integration custom to your stack — any RMM with an API is wired up the same way): autofix actions, patches applied, devices brought back to healthy.
- Security — your security posture at a glance across three cards: endpoint detection (EDR/MDR), identity detection (ITDR), and penetration testing with remediation tracking (we build your security integrations custom — any security tool with an API feeds the same cards). Read-only visibility for clients — security actions stay in your console.
- Backup — on-prem backup status, Microsoft 365 cloud backup sync state, and SaaS-protection compliance — monitoring and visibility only (we build your backup integration custom — backup platforms are wired in via their API or by ingesting their emailed status alerts during your engagement). Morton Command surfaces backup health; it doesn't run or restore the backups themselves.
- Invoices — recent billing history and payment terms from your accounting system (we build your accounting integration custom — QuickBooks Desktop, QuickBooks Online, Xero, Sage, or anything with an API is built to your stack).
- Contacts — role-based contact roster (primary, backup, purchase approvers) the client can edit.
- Licenses & Renewals — license counts, renewal dates, and expiration warnings from your tenant management tooling (we build your provisioning integration custom — any provisioning tool with an API is built to your stack).
- Email Preferences — client manages their own opt-in/out for automated reports and marketing.
Every card in the portal pulls current data from the tools you already run — your security stack, your RMM, your accounting system, your PSA / ticketing system — synced before display. There is nothing to migrate, no duplicate data entry, no second system of record. Every integration is custom-built to fit your exact stack as part of your engagement: because Morton Command Center is API-driven, any tool with an API is built for you, custom to your stack. If your tool has an API, we build the integration. That's the advantage of a fully customizable platform over a rigid all-in-one suite: you're never forced onto someone else's pre-built connector list — your build wires up the tools your clients actually care about, on the stack you already run.
Scope-enforced data isolation
Every API call from the portal is scoped server-side to the customer's company IDs. A client can't fetch another customer's tickets even with a direct URL hit — the JWT carries the company scope and the API enforces it. Multi-company portfolio customers see only the companies in their portfolio.
Pricing
Flat monthly pricing — no per-seat fees, no per-client charges, no per-vendor surcharge. Onboard ten more clients to the portal and your bill stays the same. See current pricing on the homepage →
Ready to talk?
The first call is a 30-minute discovery — we map which features you'd want to expose to clients on day one, which tiers see what, and whether you'd run the portal on a sub-domain of your existing site or a new one. No commitment, no sales pressure.
Questions first? Email [email protected] or read the FAQ.