WorkestraDocs
ModulesSupport

Support Customer Portal

Let your customers submit and track support tickets without a Workestra account.

The customer portal provides public-facing pages where your customers can submit support tickets, track their status, reply to agents, and rate their experience — all without needing a Workestra account. The portal is automatically branded with your workspace's logo, primary color, and support email from your White-label settings.

Portal Overview

Your workspace has a unique portal URL based on your workspace slug:

https://app.workestra.com/portal/YOUR-WORKSPACE-SLUG/submit

Share this link with your customers via your website, email signatures, help pages, or documentation. Anyone with the link can submit a ticket.

  1. Go to Support (the dashboard page)
  2. Find the Customer Portal card
  3. Click Copy Link to copy the full URL to your clipboard

You can also construct it manually: https://app.workestra.com/portal/{your-workspace-slug}/submit

For the embeddable variants (iframe, floating widget), see Embeddable Widget.

Branding

The portal pages render with your workspace's brand identity, pulled from Settings → Administration → White-label:

White-label fieldWhere it shows up
logo_urlTop-left of every portal page (replaces the generic icon)
brand_nameHeader title (e.g. "Acme Support")
primary_colorSubmit button, Track-ticket button, success states
support_emailLinked in the footer above "Powered by Workestra"

Pages fall back to your workspace name and Workestra's default blue if no white-label config exists. There is no per-page branding configuration — set it once for the workspace and every portal surface (submit, tracking, CSAT feedback) updates.

What Customers See

Ticket Submission Form

When a customer visits your portal link, they see a clean, branded form:

FieldRequiredDescription
NameYesCustomer's full name
EmailYesEmail address (used for replies and tracking)
SubjectYesBrief summary of the issue
DescriptionNoDetailed information (up to 5,000 characters)
TypeNoSupport Request, General Inquiry, Bug Report, or Feature Request
AttachmentsNoUp to 3 files, 10 MB each (images, PDF, plain text, CSV, Word, Excel)

The Submit button uses your workspace primary color. Dark-mode browsers render the page in dark mode automatically.

Knowledge-Base Deflection

As the customer types the subject, the portal searches your published knowledge base and shows up to 5 matching articles inline — same deflection pattern the embed widget has. The customer can click through and resolve their own issue, or dismiss the panel and continue filling out the form. Each click is logged so the workspace can measure deflection rate.

Only published articles whose visibility is public or workspace-scoped are searchable.

File Attachments

Files can be attached at three points in the conversation:

SurfaceWhoLimitStored on
Submit formCustomer3 files × 10 MBticket.metadata.attachments
Tracking-page replyCustomer3 files × 10 MB per replycomment.metadata.attachments
In-app agent replyAgent5 files × 10 MB per replycomment.metadata.attachments

The same MIME allowlist applies in all three: images (JPEG, PNG, GIF, WebP, SVG), PDF, plain text, CSV, Word, Excel.

Customer uploads route through /api/public/upload, which is rate-limited (5 uploads / 10 min per IP) and validates MIME + size server-side. Agent uploads go directly to Supabase Storage via the authenticated session client.

The agent ticket detail page renders attachment chips inline under the message they were attached to. Submission-time files surface in the ticket header attachments card; reply-time files surface under their owning comment.

Security policy — no content scanning. Workestra validates MIME types against an allowlist and caps each file at 10 MB, but does not scan file contents for malware. The allowlist excludes executable formats (.exe, .bat, .scr, .js, .html) to limit the worst attack surface, but .pdf and .docx files can still contain macros or exploits. Treat customer attachments as untrusted input — open them in sandboxed viewers / browser preview, not directly on a developer machine.

Customers with a compliance requirement for content scanning (SOC2, HIPAA, etc.) should contact us before signing — we can add ClamAV or equivalent on a per-workspace basis.

After Submission

The customer sees a confirmation page with:

  • A ticket reference number (e.g. TKT-0042)
  • A Track Ticket button that links to the tracking page (also in your brand color)
  • A Submit Another button to create a new ticket

They also receive a confirmation email with the same reference number and tracking link.

Ticket Tracking

Customers can track their ticket at:

https://app.workestra.com/portal/YOUR-WORKSPACE-SLUG/tickets/TKT-0042

The tracking link in confirmation and reply emails embeds a one-time view token so the customer doesn't need to re-enter their email each time. Once on the page they can:

  • View ticket status — Open, In Progress, Waiting, Resolved, Closed
  • Read the conversation — All public (non-internal) comments from agents
  • Reply — Add a message to the ticket (which reopens it if it was resolved)
  • See resolution details — When the ticket has been resolved

CSAT Feedback

When an agent resolves a ticket, the customer receives an email with a Rate Your Experience button. This links to a satisfaction survey page where they can:

  • Rate their experience from 1 to 5 stars
  • Leave an optional comment
  • Submit once (the link expires after 7 days)

The rating is stored on the ticket and visible in the ticket detail sidebar and analytics.

What Happens Behind the Scenes

When a customer submits a ticket:

  1. Contact lookup — The system checks if a CRM contact exists with that email address
  2. Auto-create contact — If no contact exists, one is created automatically (name + email)
  3. Ticket numbering — A sequential ticket number is assigned (TKT-0001, TKT-0002, …)
  4. Ticket creation — The ticket is created with status Open, priority Medium, channel Portal
  5. Auto-assignment — If auto-assignment is configured, the ticket is assigned to the next available agent
  6. Sentiment scoring — The subject + description are scored by the AI sentiment service so urgent customers surface immediately in the queue
  7. Notifications — The assigned agent receives an email and in-app notification

When a customer replies from the tracking page:

  1. Their message is added as a public comment
  2. If the ticket was Resolved or Waiting, it reopens to Open
  3. The assigned agent is notified via inbox

Rate Limiting

The portal is rate-limited to 10 ticket submissions per hour per IP address to prevent abuse. Customers who exceed this limit see a friendly error message asking them to try again later.

Sharing the Portal

You have three ways to surface the portal to customers. Combine them — most teams use all three.

Add a plain link anywhere — your help page, contact page, or footer:

<a href="https://app.workestra.com/portal/YOUR-SLUG/submit">Submit a Support Request</a>

2. Iframe embed

Drop the submit form inside a page on your own domain (e.g. your /contact page):

<iframe
  src="https://app.workestra.com/portal/YOUR-SLUG/submit"
  width="100%"
  height="780"
  style="border:0;max-width:640px;display:block;margin:auto"
  title="Support request form"
  loading="lazy"
></iframe>

The visitor stays on your domain; only the form is hosted on Workestra. Branding (logo, primary color) still applies. Find this snippet ready-to-copy in Support → Settings → Widget → Iframe embed.

3. Floating widget

For a chat-style affordance on every page of your site, see the embeddable widget. One <script> line, includes inline knowledge-base deflection.

In email signatures

Include the portal link in your team's email signatures so customers can submit tickets directly:

Need help? Visit our support portal: https://app.workestra.com/portal/YOUR-SLUG/submit

Security

  • No login is required to submit a ticket
  • Tracking links carry a one-time view token (?t=…) tied to the ticket and customer email; the token expires after 30 days
  • CSAT feedback links use separate one-time tokens that expire after 7 days
  • All submissions are rate-limited by IP address
  • Customer replies are validated against the original email address on the ticket
  • The token-bound GET /api/public/tickets response is cached private, max-age=10, stale-while-revalidate=60 — short enough that an agent reply is visible within 10 seconds of a customer refresh, long enough to absorb double-refreshes

Next Steps

Sentiment Scoring

Auto-detect frustrated customers from inbound ticket replies and triage by mood, not just by SLA.

Embeddable Widget

Add a floating support button to your website so customers can submit tickets without leaving your site.

On this page

Portal OverviewFinding Your Portal LinkBrandingWhat Customers SeeTicket Submission FormKnowledge-Base DeflectionFile AttachmentsAfter SubmissionTicket TrackingCSAT FeedbackWhat Happens Behind the ScenesRate LimitingSharing the Portal1. Direct link2. Iframe embed3. Floating widgetIn email signaturesSecurityNext Steps