Customer-Side Buyer Approval Portal

The problem this kills

You sell to businesses, and somewhere on the customer's side a junior buyer fires off an order without their boss's blessing. Then the order lands in your system, gets fulfilled, and weeks later their accounts-payable team disputes it: "Nobody approved this." Now you're eating a return, a restock, or a fight over an invoice - over a purchase the customer's own approval rules never authorized in the first place.

The fix isn't more rules on your side. It's giving the customer a place to get their own house in order before the order reaches you. This plan builds exactly that: a portal where the buyer drafts, their designated manager signs off, and only then does the order land on your desk - already authorized, already clean.

What you'll build

A customer-facing web portal with three roles working in one flow:

• Buyers log in and draft an order against their company's account.
• Approvers (their own managers) get an email, review the draft, and approve or reject it - right inside the portal.
• Your sales team sees only orders that cleared the customer's internal sign-off, confirms receipt, and exports a tidy CSV ready to key into your ERP.

Each customer organization sees only its own data. Every draft, approval, rejection, and confirmation is logged with a name and a timestamp. And the same draft can't sneak through twice.

What's inside the Implementation Plan

The plan opens by interviewing you about your business - your real approval thresholds, the customer orgs you sell to, how your buyers and approvers are structured, your order fields and SKU conventions, your typical and peak volumes, and the messy exceptions (rush orders, blanket POs, standing accounts). It reads a short tailored spec back to you, you give it a thumbs-up, and then it builds. The tool fits how you actually sell - it's not a generic template.

From there it walks you, one copy-paste prompt at a time, through:

• Setting up the database with row-level security so each customer org is walled off from the others.
• Loading your customer + approval-rules CSV (thresholds and approvers per org).
• The buyer draft screen, validated against your real order fields.
• The threshold-based routing engine that decides who must approve.
• The approver sign-off screen with email notifications via Resend.
• Your sales team's confirmation queue and the ERP-ready CSV export.
• A full audit trail and duplicate guards.

The governance it includes (this is the point)

This isn't a toy form. Governance is built in from the first prompt:

• Login so only invited buyers, approvers, and your team can touch it.
• Row-level security so a buyer at Customer A can never see Customer B's orders.
• A complete audit trail - who drafted, who approved or rejected, who confirmed, and exactly when.
• A hard human-in-the-loop approval gate: the customer's own approver must sign off before the order is ever submitted to you, and your team confirms receipt before it becomes an ERP-ready record.
• Duplicate guards keyed on customer + draft order ID, so the same order can't be processed twice.

Who it's for

Sales and operations teams at suppliers, distributors, and manufacturers who take repeat orders from business customers - and who are tired of cleaning up after orders that the customer's own people never authorized. It's built for the customer's buyers and approvers to use directly, with your sales team holding the final confirm step.

You've got this. Make the folder, start Claude Code, and paste the first prompt.