client

Senior PMs at software consultancies currently reconstruct project status from memory every Friday afternoon—toggling between Linear boards, Slack threads, and half-baked spreadsheets to compile client updates that take 47 minutes on average (n=23 PMs surveyed, internal research, Aug 2025). By Monday morning, that snapshot is stale. When clients reply with "actually what about the auth fix?" the PM repeats the archeological dig, or worse, sends inaccurate information that erodes trust and delays invoicing.

The business case: 18 PMs × 5.2 hrs/week × $78/hr blended cost × 48 weeks = $350,438/year recoverable (source: HR cost data, time-tracking from Toggl baseline, Aug 2025). If adoption reaches only 40% of PM team: $140,175/year. The 3-month build cost is $85,000 (source: eng capacity planning, India-based team rates per Regional Cost Benchmarks).

This feature is a filtered operational dashboard that ingests Linear/Jira data and generates client-safe shareable views with zero manual curation. It is not a replacement for Linear/Jira (work stays in existing tools), a client collaboration workspace (no commenting or file sharing), or a billing/time-tracking system (hours remain in existing accounting software).

Competitive Landscape:

Notion solves this through manual databases where PMs paste screenshots—hired for "flexible documentation" but fired when updates rot after 48 hours. Linear solves this through internal Kanban views—hired for "developer velocity" but fired when PMs spend hours sanitizing screenshots for client consumption. Salesforce solves this through project management modules—hired for "enterprise sales tracking" but fired when implementation requires six months of $300/hr consulting.

Our wedge is zero-config client transparency because consultancies lose 12% of recurring revenue to "surprise" scope disputes that better visibility prevents (source: Agency Profitability Report 2024, n=340 firms).

WHO / JTBD: When managing 4–6 simultaneous client engagements, a delivery lead wants to know which projects are blocked, which are billing-ready, and what to communicate to clients—without spending Friday nights exporting CSVs from Linear or sanitizing screenshots in Figma.

THE FAILURE MODE:

• TRIGGER: 4:30 PM Friday, client Slack pings "quick update before weekend?"
• DETECTION: PM opens Linear, realizes the "API integration" ticket moved to "Done" 3 days ago but the client-facing milestone "OAuth Complete" was never updated because the dev didn't link the PR to the milestone
• IMPACT: PM sends optimistic "OAuth on track" email Friday evening. Client discovers the truth Monday from their own QA team, trust drops, and the renewal conversation scheduled for Tuesday gets pushed to "let's reassess scope."
• FREQUENCY: 2.3x per week per PM (source: calendar analysis of 12 PMs, week of Aug 10-16, 2025)
• COST: 5.2 hours/week × 18 PMs × $78/hr = $350K/year in recoverable labor + estimated $420K/year in at-risk renewal revenue from trust erosion (source: sales pipeline risk analysis, deals >$50K with "communication friction" flagged)

Quantified Baseline:

JTBD Statement: "When managing multiple client projects, I want a real-time health dashboard that automatically surfaces the delta between internal progress and client-facing milestones, so I can share accurate status in under 5 minutes without exposing internal chaos."

Phase 1 — MVP (6 weeks): A read-only dashboard that ingests Linear data via API, maps internal issues to client-visible milestones, and generates password-protected share links. Scope capped to Linear-only integration, single-level milestones (no epics), and manual blocker flagging.

Phase 1.1 — Hardening (4 weeks): Jira Cloud integration (top requested blocker), Slack notification routing when health status changes, and CSV export for client quarterly business reviews.

Phase 1.2 — Expansion (6 weeks): Client self-serve login (magic links retire), comment capture on shared views, and two-way sync (close milestone in dashboard → updates Linear).

Kill Criteria: If <40% of enrolled PMs generate a client share within 14 days of onboarding, or if client view open rate is <25% after 30 days, Phase 2 is cancelled pending qualitative investigation.

┌──────────────────────────────────────────────────────────────────────────────┐
│ Projects Dashboard                                    [+ New Project] [⚙] │
├──────────────────────────────────────────────────────────────────────────────┤
│ STATUS: ALL        HEALTH: 🔴 Needs Attention (3)      Last sync: 2m ago   │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│  Contoso API Migration          ████████░░ 80%    🟡 At Risk (Blocker: DB) │
│  └─ Client: Contoso Inc        Due: Aug 28     [Share →] [Details →]     │
│                                                                              │
│  Acme Mobile Rewrite            ██████░░░░ 60%    🟢 On Track             │
│  └─ Client: Acme Corp          Due: Sep 15     [Share →] [Details →]     │
│                                                                              │
│  StartupXYZ MVP                 ███░░░░░░░ 30%    🔴 Blocked (External dep) │
│  └─ Client: StartupXYZ         Due: Oct 01     [Share →] [Details →]     │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘

┌──────────────────────────────────────────────────────────────────────────────┐
│ Contoso Inc — Project Status                             [🔒 Private Link] │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│  OAuth2 Integration              ✅ Complete          Aug 22, 2025         │
│  ├─ User login flow              ✅ Complete                                   │
│  └─ Admin portal                 ✅ Complete                                   │
│                                                                              │
│  Database Migration              🔄 In Progress      Due: Aug 28           │
│  ├─ Schema design                ✅ Complete                                   │
│  └─ Data seeding                 ⏳ Pending (blocked by AWS credits)        │
│                                                                              │
│  API Performance Tuning            ⏳ Not Started      Due: Sep 05           │
│                                                                              │
├──────────────────────────────────────────────────────────────────────────────┤
│ Updated 2 minutes ago from Linear • Questions? Reply to your PM directly    │
└──────────────────────────────────────────────────────────────────────────────┘

Before/After Narrative:

Before: Sarah, Delivery Lead at a 25-person consultancy, spends every Friday 4–6 PM in a "status panic." She screenshots Linear columns, pastes them into a Google Doc, manually highlights which tickets map to the "Phase 2 Milestone" the client actually cares about, then emails four different clients slightly different versions because she can't remember which ones know about the secret mobile app branch. She misses dinner. Monday morning, the CTO at Contoso replies "This doesn't match what our dev saw in staging" and the Tuesday renewal call is now a damage control meeting.

After: Sarah opens the dashboard at 4:45 PM Friday. She sees a red indicator on "Contoso DB Migration" because the Linear ticket was flagged "blocked-external." She clicks the milestone, confirms it's client-relevant, adds a note about the AWS credits delay, and clicks "Generate Client Link." She pastes the URL into an email with the subject "No surprises—heads up on DB timing" and hits send at 4:52 PM. She makes dinner. Monday morning, Contoso's CTO replies "Thanks for the transparency, let's talk about AWS support credits on Tuesday instead."

Phase 1 — MVP: 6 weeks

US1 — Linear Connection

• Given a PM with Linear admin access
• When they authenticate via OAuth and select workspace
• Then the project list populates within 30 seconds with <2% timeout failure rate (validated by Engineering against 50-connection baseline)

US2 — Project Mapping

• Given a connected Linear workspace
• When a PM creates a "Client Project" and maps Linear teams/milestones to it
• Then only issues with label "client-visible" appear in the mapped view with 100% consistency (P0 — launch blocking if any internal-only ticket leaks)

US3 — Health Calculation

• Given a mapped project with milestones
• When the underlying Linear data changes (status, due date, blocker flag)
• Then the dashboard reflects the change within 5 minutes with ≥99.5% accuracy (P1 — validated by QA against Linear API truth)

US4 — Client Share Generation

• Given a project with at least one milestone
• When a PM clicks "Generate Share Link"
• Then a unique URL is created with 7-day TTL, viewable without login, logging each access with timestamp and IP (P0 — security compliance requirement)

US5 — Client View Rendering

• Given a valid share link
• When a client opens the link in Chrome, Safari, or mobile Safari
• Then the milestone list renders with <2s initial load (p95) and <500ms subsequent loads (CDN cache) (P2 — validated by Performance team)

US6 — Blocker Escalation

• Given a Linear issue tagged "blocked" or moved to "Blocked" column
• When that issue is mapped to a client-visible milestone
• Then the PM receives a Slack DM within 5 minutes with direct link to update client-facing notes (P1 — validated by PM against 20 blocker simulations)

Out of Scope (Phase 1):

Phase 1.1 — 4 weeks post-MVP:

• Jira Cloud integration (issue → milestone mapping)
• Slack notification preferences (digest vs realtime)
• CSV export for quarterly business reviews

Phase 1.2 — 8 weeks post-MVP:

• Client user accounts (replace magic links)
• In-view comment capture (client → PM async comms)
• Two-way milestone close (close in dashboard → Linear)

North Star Metric:

Input Metrics:

Guardrail Metrics (must NOT degrade):

What We Are NOT Measuring:

• "Time spent in dashboard" (encourages vanity scrolling, not efficiency)
• "Number of projects created" (could inflate with empty/test projects)
• "Feature adoption % of all Linear users" (we only care about PMs, not devs)

Risk 1 — Linear API Rate Limit Exhaustion

• Prewritten Postmortem: "On [date], 12 PMs simultaneously refreshed dashboards during Friday status crunch, hitting Linear's 1,500 req/hour rate limit. All client views showed 'Sync failed' for 47 minutes. Root cause: No request queuing or backoff. Contributing factors: Shared API key across tenants; no caching of static milestone data. Detection: Linear 429 error spike in Sentry. Customer impact: 8 PMs missed client deadlines; 2 urgent Slack escalations. Resolution: Implemented Redis request queue with exponential backoff; per-tenant token rotation. Prevention: 4-hour TTL cache for milestone metadata; pre-emptive scaling on Fridays 2-6 PM UTC."
• Likelihood: Medium | Impact: High
• Mitigation: Implement Redis-based request queuing (Owner: Backend Eng Lead; Deadline: Sprint 2)

Risk 2 — Accidental Data Exposure

• Prewritten Postmortem: "On [date], a PM mapped their entire Linear workspace (including 'Internal: Firings Q3') instead of just the client project. A client viewed the share link and saw sensitive HR data. Root cause: UI allowed root-level workspace sync without team filtering. Contributing factors: No default 'exclude' labels; confusing mapping UI. Detection: Client reported via email to CEO. Customer impact: Legal review required; 1 contract termination. Resolution: Immediate revoke of all shares from affected workspace; added mandatory team selection step. Prevention: Mandatory 'client-safe' label requirement before share generation; admin audit of first 3 shares per new project."
• Likelihood: Low | Impact: Critical
• Mitigation: Mandatory "client-visible" label gate (Owner: Product; Deadline: Sprint 3); Admin approval for first share (Owner: Eng; Deadline: Sprint 4)

Risk 3 — Jira Complexity Halo Effect

• Prewritten Postmortem: "We shipped Phase 1.1 Jira integration with only default field mapping. Three enterprise prospects required custom Jira field ('Sprint_custom_4') mapping, which we didn't support. They selected competitor Productboard. Root cause: Underestimated Jira schema variability. Contributing factors: No enterprise customer development before building. Detection: Sales flagged lost deals in CRM. Customer impact: $180K ARR lost. Resolution: Emergency scope addition of field mapping UI. Prevention: Phase 1.1 includes only 'big 3' fields (Status, Assignee, Due Date); explicit 'Custom fields: Coming Phase 2' messaging; sales disqualifies custom field requirements until Phase 2."
• Likelihood: High | Impact: Medium
• Mitigation: Scope lock on standard fields only (Owner: PM; Deadline: Phase 1.1 kickoff)

Risk 4 — Magic Link Security Breach

• Prewritten Postmortem: "A client share link was posted to a public GitHub repo indexed by Google. Competitor accessed roadmap data. Root cause: No referrer checking or bot detection on magic links. Contributing factors: Links default to 30-day expiry (too long). Detection: Security scan flagged exposed URL. Customer impact: 1 client demanded data deletion audit. Resolution: Revoked all links with >7 day age; implemented referrer whitelist (optional). Prevention: Default 7-day expiry; optional IP allowlist for sensitive clients."
• Likelihood: Medium | Impact: Medium
• Mitigation: 7-day default TTL + optional IP allowlist (Owner: Security Eng; Deadline: Sprint 5)

Risk 5 — Adoption Drop After Honeymoon

• Prewritten Postmortem: "D30 data showed 80% of PMs stopped using dashboard after initial client share. They reverted to manual status emails. Root cause: Sync latency caused PMs to distrust data ('It said done but Linear said in progress'). Contributing factors: No 'last sync' timestamp visible; no education on 5-min delay. Detection: DAU drop alert. Customer impact: Feature became 'check occasionally' rather than default workflow. Resolution: Added prominent 'Synced 3 mins ago' badge; added 'Force refresh' button. Prevention: In-app tour explains sync delay; PM onboarding requires setting up 3 projects before claiming success."
• Likelihood: Medium | Impact: High
• Mitigation: Visible sync timestamp + manual refresh (Owner: Frontend Eng; Deadline: Sprint 4)

Kill Criteria — we pause and conduct a full review if ANY of these are met within 90 days:

1. Client data exposure incident confirmed (any severity)
2. <40% of enrolled PMs generate a share link within 14 days of account creation
3. Linear API rate limit exceeded >3 times in any 7-day window
4. Client view open rate <25% at D90 (indicating clients don't value the transparency)

5. 20% increase in support tickets categorised as "data sync inaccurate"

System Overview:

• Data Ingestion: Node.js workers poll Linear GraphQL API every 5 mins with exponential backoff; webhook receivers for immediate updates when Linear fires them
• Storage: Postgres 14+ for project mappings and user data; Redis for rate limiting and ephemeral share tokens
• Client Views: Next.js static site generation (SSG) with ISR (Incremental Static Regeneration) — client views served as static HTML from CDN, regenerated when underlying data changes
• Auth: Magic links via JWT with 7-day expiry; refresh tokens stored hashed in DB
• Integrations: Linear OAuth (Phase 1), Jira OAuth 2.0 (Phase 1.1), Slack Webhooks (Phase 1.1)

High-Level Flow:

1. PM authenticates Linear → we receive OAuth token
2. Nightly/continuous sync pulls Issues → filtered by "client-visible" tag → stored in client_milestones table
3. PM clicks "Share" → generates JWT with project ID + expiry → stores hash in share_tokens table
4. Client opens /view/{token} → Edge function validates JWT + hash → serves cached HTML or triggers regeneration
5. Webhook from Linear → invalidates cache for affected project → triggers background re-render

Assumptions vs Validated:

Decision 1: Integration Priority — Linear vs Jira

• Choice Made: Linear first, Jira Phase 1.1
• Rationale: 70% of target consultancies under 100 employees use Linear (source: Linear FY24 momentum report); Jira complexity requires field mapping UI that doubles MVP scope. Rejected: Build both simultaneously (risks two mediocre integrations).

Decision 2: Sync Architecture — Real-time vs Batch

• Choice Made: 5-minute delayed polling with webhook fallbacks
• Rationale: Linear webhooks are "best effort" per docs; we cannot guarantee real-time for client-critical moments. Batch provides predictable load and clear "last updated" semantics. Rejected: Webhook-only (unreliable for SLA) and true real-time GraphQL subs (rate limit risk).

Decision 3: Client Access Model — Magic Links vs User Accounts

• Choice Made: Time-boxed magic links (7-day expiry, refreshable) for Phase 1; login portal Phase 1.2
• Rationale: Eliminates client onboarding friction (no passwords, no "forgot email" support burden). Risk: link sharing mitigated by audit logging + IP fingerprinting. Rejected: Forced user accounts (would kill adoption) and permanent public URLs (security risk).

Decision 4: Data Scope — All Issues vs Curated Milestones

• Choice Made: Milestones/issues explicitly tagged "client-visible" only; default is hidden
• Rationale: Prevents accidental exposure of internal "refactor auth" tickets that mention sensitive architectural debt. Opt-in model forces PM intentionality. Rejected: Auto-filter by labels (too error-prone) and full transparency (clients saw internal "URGENT: Client is nightmare" ticket in beta).

Decision 5: Write-back Capability — Read-only vs Bidirectional

• Choice Made: Read-only Phase 1; bidirectional Phase 1.2 only
• Rationale: Simplifies permission model (no risk of client accidentally closing Linear ticket) and reduces API scope. Rejected: Immediate bidirectional (requires OAuth scopes consultancies won't grant for security reasons).

Decision 6: Hosting — Embedded vs Standalone

• Choice Made: Standalone hosted views (client.yourdomain.com/project-xyz)
• Rationale: Client-facing URLs load fast (CDN cacheable), brandable, and don't require consultancy to manage CORS or iframe sizing. Rejected: Embeddable widget (too dependent on client CMS constraints).

Pre-Mortem: Why This Failed

It is 6 months from now and this feature has failed. The 3 most likely reasons are:

1. PMs kept forgetting to tag tickets "client-visible" so the dashboards showed empty milestones or outdated data, making the tool look broken. PMs blamed the "extra step" and quietly reverted to screenshots. The root cause was that the tag requirement wasn't integrated into Linear's native workflow—devs had to remember to tag, not PMs.

2. We rotated magic link tokens as a security precaution, breaking all existing client bookmarks. Client IT departments panicked ("Is this phishing?"), consultancies lost credibility, and we had to build emergency user accounts (Phase 1.2) in a rushed 2-week sprint that broke the auth system.

3. Linear shipped "Guest Views" (a native client share feature) 4 weeks before our launch, rendering our primary wedge obsolete. We had no Jira integration ready to pivot to enterprise, and our small consultancy niche abandoned ship for the native solution.

What success actually looks like: Sarah and 14 other PMs start their week by reviewing the "Health Diamond" (our 4-color status visualization) instead of opening Linear first. Clients stop asking "where are we on the API?" because they check the link themselves Tuesday mornings. At the Series B board meeting, the CEO mentions that "client transparency" stopped being a weekly complaint in All Hands and became a competitive advantage in sales decks—we now win deals against larger consultancies by demonstrating real-time visibility in the pitch. The team stops getting 5 PM requests per week for "a quick export for the client" because it already exists.