How can we improve WHMCS?

Share, discuss and vote for what you would like to see added to WHMCS

Invoice Auto Login Feature from email Templates



We need an AUTO Login Link feature in Invoice Email templates and PDF Invoices.

There is a serverping addon available
https://marketplace.whmcs.com/product/586

But this should be included in Whmcs itself as now Customers just want an option to QUICK PAY without Login

17 Comments

Login to post a comment.

I've switched from another invoicing platform and this feature is sorely missing.
If the link has a unique token based on the email sent, only those with access to the email will see the invoice without having to log in. In my view, it is not a security problem, since no one else, besides the recipient of the email, will have access to the link with the token. And the token doesn't even need to expire, as it's unique to the email sent.
Useful feature to have in my scenario. I do have re-occuring yearly and monthly products I sell. But i also sell services and there is a number of scenarios a customer is just coming direct to me for a single service and they will never use me again. So this feature would be handy as I would just create them as a client and send them the single invoice and so they can just pay the one off invoice without us having to chase and store there payment details. Especially for one time service alot of customer are not comfortable with there details being stored.
Useful function because invoice reminders of not yet paid invoices need the option to be paid from within the invoice OR
People need to be able to automatically login into their account (and thus be redirected to the invoice with payment options straight away) when receiving a reminder of an open invoice.
I see this as a useful function in WHMCS, but the link has to give access to only one invoice that can be viewed and payed and not the hole client area since that would be a security risk.

We have a few clients using external accounting, so the invoice is sent directly to the accounting partner to be payed. For those this will be very useful.

As in the Serverping add-on, there should be some limitations to the link set from the whmcs settings like expiration of the link.
Might be valid for a timeframe or 5 clicks or similar.
If there is a link to an invoice, such as https://www.MYDOMAIN.com/billing/viewinvoice.php?id=205116, it should include a token such as https://www.MYDOMAIN.com/billing/viewinvoice.php?id=205116?token=1441307151_4492f25946a2e8e1414a8bb53dab8a6ba1cf4615. This would authenticate the user and directly show the invoice '#205116'. Once the URL has been loaded, the token would be terminated so it can't be used again.

I see no reason to require a user to login as too many forget their credentials when a tokenized URL functionality can be added without much development.

If it takes a 'lot' of development, then you mgiht want to get some new developers. :) FYI, 40+ years of application development here but don't call me! :)
I'm interested
Por si alguien quiere utilizar esta funcionalidad que proporciona WHMCS: https://github.com/wifidel/whmcs-autologin-email
I agree it should be a 3rd Partly module
People annoyed because they forgot their passwords? I hardly think this is an issue (when did one of us last forget the password to our online banking for example)? - WHMCS has an excellent "forgot password" system.

Again, adding all the extra code, functions, etc. to facilitate something like this, adds the potential for exploits.

Keep it simple, and don't add this feature in the core (rather it could be an optionally installed module). Case in point, we've used WHMCS for several years, and never once (not ever) had a client not pay because of such issues.

For sure, clients have reset their passwords, but there has never been any issue, when clicking the "pay now" button in an invoice. To be fair, the majority have their credit cards, etc. set up for automatic payments within their WHMCS accounts.

Thus, it seems prudent not to include this in the core, rather as an add-on module for those who must use it.
:)
Could this be a login *for that payment only* ? I understand the security issue, but you'd be sorry to see how many people are annoyed and frustrated by a forgotten password, that they themselves were not able to remember or store of course, but then do not log in, forget to pay, queue to suspended accounts threats etc. Anything helping clients pay is worth considering :-)
Well - someone should be able to pay invoices and add new credit card information with that link, but not do anything else in the account.
So if someone else gets a hold of the link the worst they should be able to do is pay a bill :)
My opinion... Yikes please no! If someone else gets access to that email (by any method), then they have access to the clients logged in account. Additionally, this possibly leaves a door open for a client to argue "wasn't me" when a potential issue occurs. My opinion, just log in, it's not hard to log in ;) Case in point... Banks don't do this, as well as secure payment gateways don't do this. If WHMCS must do this, please be sure to make the feature optional, so that we can disable it.
I would love to have this added on my site please!
Hello, Any updates on this, I would love to have this on my site.