Connecting supplier portals safely

When Invoflux fetches invoices from supplier portals, the browser extension runs in your own already-signed-in session, so no portal passwords are shared with us. Any stored portal credentials are encrypted with AES-256-GCM.

Written By Sergiu Biris

Last updated 10 days ago

Some invoices only live inside a supplier's website. Invoflux can fetch those, and it does so without holding your passwords.

How it stays safe

  • The extension uses your own session. The Invoflux Portal Connect browser extension runs in your already-signed-in browser session, so it does not need your portal password and none is shared with us.
  • Stored credentials are encrypted. Where a portal connection does store credentials, they are encrypted with AES-256-GCM.
  • Least access. The connection is used only to fetch your invoices from that supplier.

Result

Invoflux can pull invoices from portals that do not email them, while your portal passwords stay with you.

  • Use Invoflux on mobile and with the browser extension
  • Is my data secure?