Manage your client accounts
Use the MSP portal to read your portfolio, find a specific client, and open per-client dashboards for campaigns and training.
The MSP portal is the entry point for partner teams running Hook across
multiple downstream orgs. One sign-in gets you a portfolio-wide dashboard,
a searchable hierarchy of every client you manage, and a per-client view
that lets you act inside that org without juggling credentials. This
walkthrough covers the three pages you'll live in: /msp,
/msp/clients, and /msp/clients/[clientId].
Who this is for
You're an MSP partner team member with access to two or more downstream client orgs. If you only manage a single organization, the Org Admin guides are a better fit.
Read the MSP dashboard
The dashboard at /msp is your portfolio overview. The header reads
Dashboard — Your managed service portfolio at a glance.
Sign in at app.hooksecurity.co and you
land on /msp if your account is provisioned as MSP staff. Four metric
cards run across the top: Total Clients, Users Under Management,
Active Clients, and Suspended Clients. Each links to
/msp/clients so you can drill in.
Below the metrics, the Recent Clients card lists the most recently added orgs with status (Active / Suspended) and date added. Click View All to jump to the full client list.
The What's Coming Next card surfaces roadmap items (Autopilot Console, Global Campaigns, PSA/RMM integrations) — informational only.
At the bottom, three Quick Action cards (Manage Clients, View
Client Reports, Organization Portal) and an FAQ accordion answer
common questions, including how the read-only preview relates to Hook
1.0 at portal.hooksecurity.net.
Screenshot pending
[MSP dashboard at /msp with the four metric cards and the Recent Clients table populated for a synthetic MSP managing Acme and Initech.]
Find a specific client
When you need to act on one org, jump to the client list at
/msp/clients. The page header reads Client Management.
The list renders as an Organization Hierarchy table: your MSP org sits at the top (depth 0, highlighted with a primary border) and each managed client nests beneath it. Use Expand All / Collapse All in the card header, or click the chevron next to any parent to toggle that branch.
Use the Search clients... field above the table to fuzzy-match by
name. Ancestor orgs of a match stay visible so the hierarchy isn't
broken — typing acme keeps the parent MSP row in view above the
matched Acme client.
Toggle Show inactive/expired on the right of the search bar to include orgs whose PhishingBox subscription is inactive or past expiration. By default the list hides them so day-to-day work isn't cluttered with stale accounts.
Each row shows a type badge (purple MSP vs. green Client), a status dot (green pulse for active, red for suspended or expired, muted red for inactive), the org name, and — when applicable — an Expired or Inactive pill. Hover a row to reveal the Details and Access buttons on the right.
Screenshot pending
[/msp/clients showing the hierarchy with Acme expanded, a search query filtering to Initech, and the Show inactive/expired toggle in its default off state.]
Open a client's dashboard
Hover a client row and click Details for the slide-out panel, or
open the row's overflow menu and choose Manage Client to navigate to
/msp/clients/[clientId].
The header shows the client's avatar, name, internal ID, join date, and an Active or Suspended badge. Two action buttons sit on the right: Launch Campaign and Manage Users.
Four metric cards summarize the client: Seats Used, Monthly Recurring Revenue with plan name, High-Risk Users from the latest campaign, and Training Completion across assigned courses.
Below the metrics, the Phishing Campaign Clicks chart plots monthly click volume over the last six months. The Recent Campaigns table on the right lists the latest simulations with name, click count, and date.
Some metrics are placeholders today
While the MSP portal is in early access, the per-client tiles (seats, MRR, high-risk users, training completion), the click chart, and the recent campaigns table render placeholder values. Treat this dashboard as a navigation surface today; for live numbers, Access the client and use the org-side reports.
Switch context to act as a client's admin
Hook doesn't use a separate "impersonate" mode for everyday MSP work. The MSP portal hands you off into the org's own admin portal with the right context selected.
On /msp/clients, hover the row for the target client and click the
Access button. The client's ID is written to sessionStorage as
selectedOrganizationId and the browser navigates to /org.
You'll land on that client's org dashboard with their data scoped to your view. The org sidebar — Users, Phishing, Training, Reports — now operates against this client. Anything you do here happens inside their org.
To work on a different client, return to /msp/clients and click
Access on a different row. The org switcher updates
selectedOrganizationId and the org portal re-scopes to the new client.
Suspended clients are read-only
The Access button is hidden for suspended clients (red status dot, reduced row opacity). An MSP admin must reactivate the client first.
Common pitfalls
- Inactive or expired clients can hide stale numbers. The default
view hides any client whose PhishingBox subscription is inactive or
past expiration. If a client you expect is missing from
/msp/clients, flip Show inactive/expired on before assuming they were removed — and check for the Expired pill before trusting metrics on their per-client dashboard. - Recent Clients on
/msplinks to the list, not the client. Clicking a name in the dashboard's Recent Clients table sends you to/msp/clients, not directly to that client's dashboard. To open a specific client, use the Manage Client action in the row's overflow menu on/msp/clients.