diff --git a/apps/web/src/portal/CustomerPortal.tsx b/apps/web/src/portal/CustomerPortal.tsx
index 0bdd4f6..5bc454e 100644
--- a/apps/web/src/portal/CustomerPortal.tsx
+++ b/apps/web/src/portal/CustomerPortal.tsx
@@ -179,12 +179,20 @@ export function CustomerPortal() {
 
   // After init completes, redirect unauthenticated users to /login and staff to /admin.
   // The portal chrome must NEVER be visible to users without a valid client session.
+  // For client dev users, we stay on the portal even if session is null — the dev-session
+  // response may not have id set immediately, or there may be timing issues with the
+  // session state. Dev users are verified via localStorage and the dev-session flow.
   if (initComplete && !session) {
     const devUser = getDevUser();
     if (devUser && devUser.type === "staff") {
       return <Navigate to="/admin" replace />;
     }
-    return <Navigate to="/login" replace />;
+    if (devUser && devUser.type === "client") {
+      // Don't redirect — dev session creation may have failed or session.id may be null
+      // The portal should still render for client dev users
+    } else {
+      return <Navigate to="/login" replace />;
+    }
   }
 
   return (
diff --git a/apps/web/src/portal/sections/Dashboard.tsx b/apps/web/src/portal/sections/Dashboard.tsx
index bf6f0e4..136a93a 100644
--- a/apps/web/src/portal/sections/Dashboard.tsx
+++ b/apps/web/src/portal/sections/Dashboard.tsx
@@ -1,6 +1,7 @@
 import { useState, useEffect } from "react";
 import { Navigate } from "react-router-dom";
 import { Calendar, Clock, PawPrint, CreditCard, Star, ChevronRight, AlertTriangle } from "lucide-react";
+import { getDevUser } from "../../pages/DevLoginSelector";
 
 interface DashboardProps {
   sessionId: string | null;
@@ -186,7 +187,11 @@ export function Dashboard({
     );
   }
 
-  if (!sessionId && !isImpersonating) {
+  // Don't redirect to /login if we have a dev user — dev sessions may not have
+  // sessionId set immediately after creation (session?.id may be null due to
+  // timing or API response issues). Dev users are stored in localStorage and
+  // verified via the dev-session flow, so they should see the portal.
+  if (!sessionId && !isImpersonating && !getDevUser()) {
     return <Navigate to="/login" replace />;
   }