ChargebeeAPI
Using AI coding agents like Claude Code or Cursor? Try the official Chargebee Agent Skills to speed up your development.Try now

Portal sessions

Customer Portal lets your customers to manage their account and billing themselves. Chargebee supports Single Sign-on (SSO) to access the customer portal. If you already have your own authentication for your website, it allows your authenticated customers to access their portal without having to login again.

Note: You can instead allow your customers to access the portal via login page provided by Chargebee. Read more.

Please follow the below steps for supporting portal access via SSO:

  1. Enable the "Allow access to customer portal via API" under "Settings > Hosted Pages Settings > Customer Portal" to use the portal sessions API.
  2. Provide a link in your website/application which your authenticated customers can use to access the portal (For example, {your_website_url}/portal_link).
  3. Handle the link request in your server code and create a portal session for the customer by calling Chargebee's "Create a portal session" API
  4. Forward the user to the access URL present in the "Portal Session" resource returned by the above API call.

Notes about access URL:

  • The access URL should be accessed by the customer within one hour from the time it was created.
  • Once accessed, the session is valid until the user logs out from the portal UI or logout API is called from your application for this session.
  • Once accessed, the access url cannot be reused. Hence do not persist this URL. Whenever you need to provide access to the portal, you need to create a new portal session.

Using Chargebee's authentication to allow access to your website

Note: This feature is not supported in in-app portal. Chargebee allows you to integrate your website by building user authentication on top of Chargebee. If you would want to allow access to parts of your website only to subscribers (like a paywall), you can integrate Chargebee's authentication without having to handle it from your end. Workflow:
Users should be redirected to the portal login URL - https://yourdomain.chargebeeportal.com/portal/login by passing the following parameters:

  • return_url - URL the users should be redirected to upon successful authentication.
  • cancel_url - URL the users should be redirected to when they want to go back to your website during login. The domain name used in the Return/Cancel URL should be added as a 'Whitelisted Domain' in Chargebee. Add just the domain name in Chargebee and not the entire URL: E.g. yourdomain.com.

Upon successful authentication, a session is created for the user and Chargebee redirects the user to the return_url along with the following parameters:

  • auth_session_id - Identifier to the authenticated session.
  • auth_session_token - Token for the session which should be sent later to activate this session. Using the auth_session_id & auth_session_token, you should call Activate a Portal Session API to validate the session details and create a session for that user in your website. Note: The process of setting up the portal account will take place along with the authentication process.

Sample Portal sessionJSON

API Index URL

https://[site].chargebee.com/api/v1/portal_sessions

Portal sessions attributes

id
required, string, max chars=70

Unique identifier for the portal session.

token
required, string, max chars=70

Unique pre-authenticated portal session token to access customer portal directly.

access_url
required, string, max chars=550

Unique URL for accessing the customer portal. Once accessed, this cannot be reused.

redirect_url
optional, string, max chars=250

URL to redirect when the user logs out from the portal.

status
required, enumerated string, default=created

Indicates the current status of the portal session.

Possible Enum Values
created

Indicates that the portal session is just created and not yet accessed by the user.

logged_in

Indicates that the portal session URL has been accessed by the user and the session is active.

logged_out

Indicates that the portal session is logged out either by user or via API.

not_yet_activated

Indicates that the portal session is created and not yet activated for the customer to allow access to your website. This is applicable when you use Chargebee's authentication for your website

activated

Indicates that the portal session is activated for the customer to allow access to your website. This is applicable when you use Chargebee's authentication for your website.

created_at
required, timestamp(UTC) in seconds

Timestamp indicating when this portal session was generated.

expires_at
optional, timestamp(UTC) in seconds

Timestamp indicating when the access URL will expire. Once expired, the URL cannot be used to login into the portal.

customer_id
required, string, max chars=50

Identifier of the customer.

login_at
optional, timestamp(UTC) in seconds

Timestamp indicating when this portal session URL was accessed by the user.

logout_at
optional, timestamp(UTC) in seconds

Timestamp indicating when this portal session was logged out either by user or via API.

login_ipaddress
optional, string, max chars=50

IP Address from which the portal session URL was accessed.

logout_ipaddress
optional, string, max chars=50

IP Address from which the portal session was logged out either by user or via API.

linked_customers

The list of customers for this session