If you don't want to use the builtin Security Roles (External User,External Manager), then you can create a custom Security Roles from the Admin section -> Security Roles. The security role basically defines which sections of the PSA user will be able to access. Find out more about this from here.

In order to enable Client Portal Access please open the CRM section -> Contacts
​

Select the client for which the Client Portal Access needs to be enabled

Client Portal Access

Enable the Client Portal Access

Then select the Security Role, enter Username which the client will uses to logon to PSA and save the configuration. After a few minutes the customer should receive email with login details.