Give your clients self-service
without giving up control

As the MSP, you handle the setup on behalf of your clients. There's no need for the client to navigate the signup process themselves — you do it for them, just like any other managed service.

Each client gets their own isolated instance. You repeat this process for each client you want to onboard — typically takes under 2 minutes per client.

Every tenant is completely isolated. This isn't just database-level isolation — it's architectural:

• Separate OAuth tokens —Each user authenticates with their own Microsoft account. Tokens are scoped to their tenant and encrypted in their browser session.
• No cross-tenant queries —API calls to Microsoft Graph use the signed-in user's own token. It is physically impossible to access another tenant's data through UserDesk.
• Independent subscriptions —Each tenant has its own Stripe subscription. One client canceling has no effect on any other client.
• Per-tenant audit logs —Every action is logged per tenant. Client A cannot see Client B's audit trail.
• Independent role management —Each tenant manages its own Admin/Member/Viewer roles. Your MSP team can be Admins on your own tenant while clients manage their own roles.

Once connected, your clients' designated staff (HR, office managers, team leads) can handle routine M365 tasks without opening a ticket with your helpdesk:

• Create user accounts —New hires get set up in under a minute using templates with pre-configured licenses, groups, and departments.
• Reset passwords —Locked-out employees get unblocked immediately — no waiting for your tech to respond.
• Manage licenses —Assign or remove licenses as headcount changes. Clients see what's available and what's consumed.
• Enable/disable accounts —Instant offboarding — disable sign-in with one click when someone leaves.
• Manage Teams & groups —Add and remove members from Teams channels, distribution lists, and security groups.

• Reduced ticket volume —Password resets and new hire requests are the top two M365 tickets at most MSPs. UserDesk eliminates them for clients who opt in.
• Full audit visibility —Every action taken by your clients' staff is logged. If something goes wrong, you have a complete trail.
• No standing access risk —UserDesk uses delegated permissions with zero standing access. When no one is signed in, there are no valid tokens. Nothing to leak, nothing to rotate.
• Flexible billing —Clients can pay directly through Stripe, or you can absorb the cost and bill them as part of your MSP contract using invite codes.
• White-label ready —Clients see UserDesk branding, not your competitors'. The portal is a tool you're offering as part of your managed services value.
• Quick onboarding —Each client is set up in under 2 minutes. No agents to install on their infrastructure, no VPN required, no firewall rules.

MSP clients often ask about security during onboarding. Here are the key points:

• No passwords stored —Authentication is handled by Microsoft's OAuth 2.0 flow with PKCE. UserDesk never sees or stores passwords.
• No tokens in the database —Access and refresh tokens are encrypted in the user's browser session cookie. Our database contains only billing metadata and audit logs.
• Delegated, not application —UserDesk uses delegated permissions (acts as the signed-in user), not application permissions (standalone access). Zero standing access to any tenant.
• Instant revocation —Remove UserDesk from Azure Portal → Enterprise Applications at any time. All access is immediately revoked.

For the full technical deep-dive, see our security page.

Each client tenant needs its own subscription. You have full flexibility on who pays:

• MSP pays, client reimburses —Use your MSP's card at checkout. Bundle the cost into your monthly managed services invoice at whatever margin you choose.
• Client pays directly —Have the client enter their own card during checkout. You handle the setup, they handle the billing.
• Mixed approach —Some clients on your card, some on theirs. Each subscription is independent — mix and match however you want.

Plans start at $59/mo (Starter) and $99/mo (Pro). Annual billing saves ~17%. Volume discounts available for MSPs managing 10+ tenants — contact us.