Customer portal glossary
Plain-English definitions for the 84 terms that come up when buying, building, or running a customer portal. Authentication, compliance, AI, investor portals, healthcare — all in one place.

A–Z
Every term, alphabetical
A
Accredited Investor: A US designation for individuals or entities permitted to invest in private securities, based on income, net worth, or professional credentials.
Agent Assist: AI features that help human customer service agents work faster — suggested responses, summarization, knowledge retrieval — without replacing the human.
AP Automation: Software that automates the invoice-to-payment workflow — receipt, OCR, matching, approval routing, and payment.
API: A defined interface that lets software systems communicate — the foundation of customer portal integrations with CRMs, billing systems, and other tools.
Audit Log: An immutable, timestamped record of who accessed what, when, and what action they took within a system.
C
Cap Rate: A real estate valuation metric expressing the ratio of a property's annual net operating income to its market value.
Capital Call: A formal request from a fund's GP to its LPs to fund a portion of their previously-committed capital.
CC&R: The governing document of a homeowners association, defining property restrictions, common-area rules, and homeowner obligations.
CCPA: California's data privacy law, granting California residents rights similar to GDPR over their personal data.
Churn: The rate at which customers stop doing business with a company in a given period.
Client Onboarding: The structured process of bringing a new client from contract signature to active usage and value realization.
Client Portal: A secure, logged-in platform for managing relationships with individual clients — typically used by professional services firms.
Context Engineering: The discipline of structuring the inputs (prompts, retrieved content, authenticated user state) given to an AI model to produce accurate, helpful, safe responses.
Customer Effort Score (CES): A metric measuring how easy or hard it was for a customer to accomplish a task — typically the strongest predictor of loyalty.
Customer Experience (CX): The sum of all interactions a customer has with a business across every touchpoint and over the entire relationship.
Customer Health Score: A composite metric estimating the likelihood that a customer will renew, expand, or churn — calculated from usage, engagement, satisfaction signals.
Customer Portal: A secure, logged-in web area where a business's customers access information, documents, and self-service actions specific to them.
Customer Satisfaction Score (CSAT): A customer experience metric measuring satisfaction with a specific interaction or product on a 1–5 or 1–7 scale.
Customer Success Portal: A shared workspace between a Customer Success Manager and their assigned accounts for joint success planning, business reviews, and ongoing communication.
D
Data Processing Agreement (DPA): A GDPR-required contract between a data controller and a data processor specifying how personal data will be handled.
Data Residency: The geographic location where data is physically stored — increasingly regulated and increasingly important for compliance.
Debt Service Coverage Ratio (DSCR): A real estate financial metric measuring whether a property's income covers its debt obligations.
Digital Customer Experience (DCX): The subset of customer experience that happens through digital channels: portals, mobile apps, automated communications, AI chatbots, knowledge bases.
Distribution Waterfall: The rules governing how proceeds from a fund's investments are allocated between LPs and the GP — preferred return, return of capital, carry, and promote.
DPI: A fund performance metric measuring realized distributions to LPs divided by capital they've paid in — the share of returns already received.
E
EDI: A long-established standard for exchanging business documents (purchase orders, invoices, ASNs) between organizations electronically.
Electronic Health Record (EHR): The system of record for a patient's medical history, treatments, and clinical encounters — the backbone of modern healthcare IT.
Encryption at Rest: Encryption that protects data while it's stored on disk — databases, file storage, backups, logs.
Encryption in Transit: Encryption that protects data while it's being transmitted between the user's device and the server, typically via TLS.
ERP: An integrated suite of business management software covering finance, supply chain, HR, manufacturing, and operations.
Extranet: A private network that gives external partners (clients, suppliers, distributors) controlled access to a business's internal resources.
F
FedRAMP: The US federal government's program for authorizing cloud services for federal use.
FHIR: The modern standard API for healthcare data exchange — required for US EHRs and the foundation of most modern patient portal integrations.
Form 8879 (8879): The IRS form authorizing a tax preparer to electronically file a taxpayer's return — must be signed by the taxpayer before e-filing.
G
GDPR: The European Union's data protection regulation, governing how personal data of EU residents must be handled by organizations worldwide.
General Partner (GP): The managing partner of a fund or partnership — responsible for investment decisions, operations, and reporting to limited partners.
GLBA: The US federal law requiring financial institutions to protect the privacy and security of their customers' non-public personal information.
Gross Revenue Retention (GRR): A SaaS metric measuring revenue retained from existing customers excluding expansion — the floor of customer retention.
H
HIPAA: The US federal law governing the privacy and security of protected health information (PHI), with specific requirements for any portal handling patient data.
HITRUST: A consolidated security and compliance framework popular in healthcare that maps to HIPAA, NIST, ISO 27001, and other standards.
Homeowners Association (HOA): A residential community organization that manages shared spaces, enforces community rules, and collects dues from homeowners.
I
Information Blocking: A US regulatory term for unreasonable delays or barriers to patient access to electronic health information — prohibited under the 21st Century Cures Act.
Internal Rate of Return (IRR): An annualized return metric that accounts for the timing of cash flows — the dominant performance metric for private market investments.
Intranet: A private internal network or web application for employees — distinct from a customer-facing portal.
ISO 27001: An international standard for information security management systems (ISMS), roughly equivalent to SOC 2 Type II in rigor.
K
K-1: A US tax form reporting an LP's share of a partnership's income, deductions, and credits — the most important annual document for fund investors.
Knowledge Base: A structured collection of articles, FAQs, and guides that customers (and AI assistants) use to find answers without contacting support.
Knowledge-Based Authentication (KBA): An identity verification method using personal questions (typically generated from credit bureau data) — required by the IRS for remote e-signatures on Form 8879.
L
Large Language Model (LLM): An AI model trained on vast text data to understand and generate human language — the engine behind modern AI chatbots and assistants.
Limited Partner (LP): An investor in a partnership (typically a private fund) whose liability is limited to their investment amount.
Low-Code: Software development platforms that combine visual building with some custom code for cases where pure no-code isn't flexible enough.
M
Magic Link: A passwordless authentication method that emails the user a single-use link, clicking which logs them into the application.
Multi-Factor Authentication (MFA): An authentication method that requires two or more verification factors — something you know, have, or are.
Multi-Tenant: A software architecture where a single instance serves multiple customer organizations, each isolated from the others.
N
Net Operating Income (NOI): A real estate financial metric measuring a property's annual income after operating expenses but before debt service.
Net Promoter Score (NPS): A customer loyalty metric measuring how likely customers are to recommend a business on a 0–10 scale.
Net Revenue Retention (NRR): A SaaS metric measuring revenue from existing customers including expansion and minus churn — the single most important SaaS growth metric.
No-Code: Software development platforms that allow building applications visually without writing traditional code.
P
Passkey: A phishing-resistant authentication credential bound to a specific origin, replacing passwords with cryptographic key-pair authentication.
Patient Portal: A secure online platform where patients access their health records, schedule appointments, communicate with providers, and pay bills.
PCI DSS: The security standard for organizations that store, process, or transmit credit card data.
Procurement: The process of acquiring goods and services for a business — including sourcing, contracting, ordering, receiving, and invoicing.
Protected Health Information (PHI): Health information that, combined with identifiers like name or date of birth, is regulated under HIPAA.
R
Real Estate Syndication: A structure where multiple investors pool capital to purchase a real estate asset, with a sponsor managing the deal.
Request for Proposal (RFP): A formal document inviting vendors to submit proposals (or quotes) for a defined business need.
Retrieval-Augmented Generation (RAG): An AI pattern where the model retrieves relevant content from a knowledge base and uses it to ground its response, reducing hallucinations.
Role-Based Access Control (RBAC): An access control model that assigns permissions to roles, and roles to users, rather than assigning permissions directly to individual users.
S
SaaS: Software delivered as a subscription service over the internet — the dominant delivery model for modern business software including most customer portals.
SAML: An XML-based federated authentication protocol used to implement single sign-on (SSO) between identity providers and service providers.
SCIM: A protocol for automatically provisioning and deprovisioning user accounts between an identity provider and a service provider.
Self-Service Portal: A customer portal designed primarily to let users resolve issues, find information, and complete tasks without contacting support.
Single Sign-On (SSO): Authentication that lets users access multiple applications with one set of credentials, typically managed through an identity provider.
SOC 2: An audit framework that verifies a service organization's security controls — the gold standard for B2B SaaS security demonstration.
Step-Up Authentication: Requiring additional authentication for sensitive actions even when the user is already logged in.
T
Telehealth: Healthcare delivered remotely via video, phone, or secure messaging — increasingly integrated into patient portals.
Time to First Value (TTFV): The time between a customer signing up and experiencing their first meaningful value from the product.
TOTP: A standard for generating short-lived one-time passwords, typically displayed in authenticator apps like Google Authenticator or Authy.
TVPI: A fund performance metric measuring total value (distributed + remaining) divided by capital paid in by LPs.
Two-Factor Authentication (2FA): Authentication using exactly two factors — typically password plus a second verification (SMS code, app, hardware key).