The COR portal — read-only government access without VPN gymnastics

A Contracting Officer Representative (COR) does not need a seat in your contractor system. They need a window into one specific contract, with the right CDRLs, the right CLIN burn, the right GFP inventory, and the right after-action reports — and nothing else.

Most federal contractors solve this with one of three patterns, all of them bad:

1. A shared SharePoint folder that requires a government PIV card to access. Half the COR's day is spent in IT support tickets.
2. A monthly PDF packet built by hand and emailed. Three weeks out of date by the time it lands.
3. A VPN account into the contractor's main system, with read-only roles cobbled together. Now you have a CAC user inside your tenant and a quarterly recertification problem.

What we built instead

The KTRNET COR Government Portal is a separate, dedicated surface. It is:

• Scoped to a single contract. A COR who oversees three different contractors gets three separate portal accounts, one per contract. No cross-tenant visibility.
• Read-only. Every action is a view, an export, or a digital signature. No write paths exist in the data layer for COR users.
• No VPN. A COR signs in from any browser. CAC sign-in is supported but not required.
• Live, not generated. What the COR sees is what your team sees. No batch jobs, no monthly packets, no email attachments.

What lives in it

Five things, organized into a single console:

CLIN burn. A live view of every CLIN, what's been delivered, what's been invoiced, and what the period of performance looks like. Drill-down on any CLIN to see the underlying timecards and direct charges.

CDRL submissions. Every CDRL deliverable, its due date, its current status, and the digital signature trail. The COR signs CDRLs directly in the portal — no DocuSign envelope, no email PDF.

GFP and CAP inventory. Every government-furnished property item or contractor-acquired property item, by serial number, with its current location, custody chain, and inspection history. DD-1149 movements are visible in the same view.

After-action reports. AARs submitted by the contractor, organized by mission or training event. Read-only, with a comment thread for COR feedback.

PWS compliance dashboard. Live status of every Performance Work Statement requirement. Green when met, amber when at-risk, red when missed. The COR sees this, the contractor sees this, the contracting officer sees this.

What does NOT live in it

Equally important. The COR portal is not a path into your contractor tenant. It does not show:

• Other contracts (only the one this COR is assigned to)
• Internal pricing or rate cards
• Personnel records beyond the labor categories on this contract
• BD pipeline or pursuit information
• Other contractor financial data

The line between what's visible and what's not is enforced at the data layer, not at the UI layer. A misconfigured permission grant cannot leak data; the data simply isn't queryable from a COR session.

Why this matters operationally

The most common reason a contractor loses a follow-on award is "the COR didn't have what they needed." The second most common is "the COR had what they needed, but it was three weeks out of date."

The COR portal eliminates both. The COR sees the same data your team sees. They see it now, not at month-end. And they see it without a VPN ticket, a PIV card workflow, or a SharePoint folder full of PDFs from someone who left the project six months ago.

How to give a COR access

Three clicks from your contract record:

1. Open the contract.
2. Click Add COR.
3. Enter their .mil or .gov email address. They get a magic-link sign-in.

That's it. The COR is in. They see what they should see. Nothing else.

Want to see this in action? Request a demo and we'll walk through the COR portal from the government's side, against your actual contract structure.