[Beta] Legora Portal: Admin guide

This admin guide explains how to set up and govern Legora Portal for your organization, including access control, guest authentication, and recommended rollout practices.

Updated over a week ago

Introduction

For beta access, contact your Legora representative or send a request to [email protected]. We will help you move onto our new, more secure Global Authentication system and sign a contractual addendum to get started.


Admin checklist

  • Confirm Portal is enabled for your organization (Beta).

  • Decide who can create and manage Portals (Admin and Portal managers).

  • Define your standard setup (branding, MFA requirements, internal owners).

  • Start with one client and one matter, then expand.

  • Use View as Client to validate the guest experience before inviting external users (Note: View as Client reflects what you can see based on your permissions, not a specific client user’s permissions).


Create and manage Portals (Org settings)

Admins can create and manage Portals from Org settings → Portals.

Recommended practice

  • Keep Portal creation limited to Admins.

  • Assign 1 to 2 Portal managers per Portal to own day-to-day changes.


Roles and permissions (how sharing works)

Portal uses a collaboration policy model:

  • Permissions are item-specific and never inherited from projects.

  • Each resource requires explicit sharing to external users.

  • Sharing one item in a project can reveal that the project exists, but does not grant access to other items.

Admin responsibilities

  • Define who is allowed to share resources externally.

  • Standardize how your team decides what to share (and what not to share) with client users.


Guest authentication and MFA

External users authenticate via email and password by default.

Admins can require MFA for Portal guests:

  • Authenticator app, or

  • SMS

Recommended practice

  • Require MFA for Portal guests for sensitive clients or matters.

  • If an external user is blocked during MFA setup, remove and re-invite the user to generate a fresh invite link.


Revoking external access

External access requires an unbroken path from user → collaboration policy → resource. If you remove any one of these, access is revoked immediately.

Common admin actions that revoke access:

  • Removing a guest user from the Portal

  • Removing a guest from the external members list for a specific resource

  • Unsharing a resource from the Portal
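
The access rules from "Roles and permissions" and "Revoking external access" can be modelled in a few lines. This is an added illustration, not Legora's implementation or API: the Portal class, its method names, and the sample guest, project and resource names are all hypothetical.

```python
# Illustrative model only: names are hypothetical, not Legora's API.
from dataclasses import dataclass, field


@dataclass
class Portal:
    guests: set = field(default_factory=set)         # users invited to the Portal
    project_of: dict = field(default_factory=dict)   # resource -> parent project
    policy: dict = field(default_factory=dict)       # resource -> external members

    def share(self, resource, project, members):
        """Explicitly share one resource with named guests."""
        self.project_of[resource] = project
        self.policy[resource] = set(members)

    def can_access(self, user, resource):
        """Access needs every link in the path: user -> policy -> resource."""
        return user in self.guests and user in self.policy.get(resource, set())

    def visible_projects(self, user):
        """Projects whose existence is revealed by at least one shared item."""
        return {self.project_of[r] for r in self.policy if self.can_access(user, r)}

    # The three revoking actions listed above; each breaks one link.
    def remove_guest(self, user):
        self.guests.discard(user)

    def remove_member(self, resource, user):
        self.policy.get(resource, set()).discard(user)

    def unshare(self, resource):
        self.policy.pop(resource, None)


def demo():
    """Constructed sample data: one project with two items, only one shared."""
    g = "guest@client.example"
    p = Portal(guests={g})
    p.project_of["due-diligence-notes"] = "Matter A"   # exists, never shared
    p.share("tabular-review-1", "Matter A", [g])
    results = {
        "shared_item": p.can_access(g, "tabular-review-1"),
        "sibling_item": p.can_access(g, "due-diligence-notes"),  # no inheritance
        "projects": p.visible_projects(g),                       # project is revealed
    }
    p.remove_member("tabular-review-1", g)
    results["after_remove_member"] = p.can_access(g, "tabular-review-1")
    p.share("tabular-review-1", "Matter A", [g])
    p.remove_guest(g)
    results["after_remove_guest"] = p.can_access(g, "tabular-review-1")
    return results
```

In this model the guest learns that "Matter A" exists but cannot open the unshared sibling item, and any one of the three revoking actions is enough to make the access check fail.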


Known limitations for Portal guests

External client users have restricted capabilities. Common limitations include:

  • Guests can only upload files in their private project. (This behavior may change as Portal settings become configurable, for example per project or per database.)

  • Reduced Assistant tools and UI actions compared to internal users. Portal Assistant is scoped down and primarily supports searching and asking questions over explicitly shared content (such as shared projects and Org DBs), rather than full Assistant feature parity.

  • No editing or management controls for firm-side resources.

  • Mobile app is not available for Portal guests.


Troubleshooting (admin quick triage)

Symptom: “You don’t have access to this Portal.”

  • Confirm the user was invited and accepted the invite using the correct email.

  • Confirm the user still exists as a Portal guest.

Symptom: Guest can access the Portal but can’t see a specific resource.

  • Re-check the sharing settings for the specific resource.

  • Confirm the guest is included in that resource’s external member selection.

Symptom: Guest is blocked during MFA setup.

  • Remove the guest from the Portal and re-invite them.


Capability notes

  • Portal supports law firm → client collaboration, where clients are invited into a white-labeled, firm-branded experience.

  • Clients do not need a Legora license to use a Portal. They access the Portal via the firm’s Portal URL and only see what has been explicitly shared with them.

  • Sharing options currently include:

    • Tabular reviews (including live collaboration)

    • Org databases (with files that clients can search and ask questions about)

    • Workflows (clients can run firm-authored workflows; underlying prompts and logic are not visible to clients)

  • Removing an external user revokes access immediately. Any existing Portal chat threads for that guest are cleared when access is removed.


Assistant scoping for guests

Portal Assistant is intentionally limited for external users.

  • Assistant answers are grounded and cited back to the shared source content.

  • Assistant context is restricted to explicitly shared content.

  • Portal Assistant excludes legal research, web search, and other full-platform Assistant capabilities.


Tabular review access model

When sharing a tabular review, clients can be granted role-based access.

  • Viewer

  • Reviewer (can flag risks)

  • Editor

Audit trails record user activity.
