Key Problem
The Submittable application lacked a way for users to create custom roles and define the specific permissions and accesses per role. The current default level roles were limited and not flexible enough to meet the users’ complex role and security needs. Additionally, the implementation team would take several days (sometimes up to two weeks) to onboard new users and add them to a role; investing precious time in this manual work.
Project Goals
Let users create custom roles and define their respective access
Onboard new users and customers within hours rather than days
Create custom roles across both the GMS and EE platforms and users
User Research
To gain insights on users’ frustrations I conducted both qualitative and quantitative research methods to gather data. Questions were presented to participants to assess their attitudes across the following three categories:
↪︎ Onboarding new users
Participants were asked about their process for onboarding new customers and users onto the GMS and EE applications. They described the process as quite manual, having to individually invite new users to the applications and ensure they were getting the correct level. What should've taken a few hours to do was taking much longer due to larger customers with complex user role needs.
↪︎ Current Workflows
Participants detailed their workflows for onboarding new users, managing existing users and roles, and deleting users from the applications. They had reminders set up at the end of the week to set aside a couple of hours just to edit existing users' roles and change their levels. They also described how it was extremely easy to remove a user and there were no guardrails against doing so. Re-adding a deleted user was a challenging process particularly due to the fact that they couldn't get any historical information on removed users and their previous level.
↪︎ Submittable's default levels
Participants shared their thoughts of Submittable's default levels. They thought the 5 levels were extremely limited and very rigid. Bigger customers always wanted to create their own custom roles and have the ability to go in and quickly edit the permissions per role. Some customers even mentioned that they need to have specific roles at a project-level, which was another layer of complexity. Many mentioned that competitors had a simple way of adding custom roles too.
Pain Points
From my research I was able to identify the following pain points that were common among users:
1
The default levels were limited
Submittable's default levels 1-5 were too limited and didn't provide the customization users needed
2
Setting specific permissions
Users wanted to set specific permissions and access per role. They couldn't edit the default levels in any way, shape, or form
3
Onboarding was inefficient
Onboarding new users and customers was a manual and long process, taking the implementation team much longer than it should have
Making Meaning of the Data
After the research stage, I parsed through the takeaways and key findings to begin brainstorming how I could tackle an RBAC feature and address the users’ frustrations.
I conducted several brainstorming workshops with the product team and engineers to begin mapping out the various user paths and ensure everything was being tied back to the appropriate features within the applications.
These sessions were imperative as they helped me find the clearest flows and remove any redundant or confusing steps.
Low Fidelity Sketches
I played around with a couple of ideas to create custom roles, taking inspiration from searching and viewing an organization profile in the admin tool. User feedback helped me validate the designs and I was able to narrow down my ideas from there.
Mid Fidelity Design Iterations
I started introducing elements and components to the designs as well as creating complex prototypes to visualize the user flow. User feedback sessions and design reviews helped me iterate on the designs and validate we were heading in the right direction.
Usability Study Findings
Throughout the project, I conducted rounds of usability studies. The initial round assessed the functionality of the user flow and architecture. The next rounds consisted around my high-fidelity prototypes and identifying areas where the mockups needed refinement or was confusing.
Takeaways & Insights
Achievements:
Participants loved how easy it was to turn on certain permissions for new roles
The user flow for creating a new custom role was intuitive and simple
Almost all participants mentioned that this would save time and energy when onboarding new users
Challenges:
It was unclear which permissions were locked vs. unlocked
Confusion around why certain permissions were locked
A few participants warned that customers would try to abuse the feature and create lots of new roles that weren't necessary
Final Designs
After going through a few cycles of design iterations and testing, the final designs were completed.
Reflection
I had certain expectations going into this project, however, throughout the design stages, I learned it was quite complicated with the numerous ways roles and permissions tied together with other features in the application. Maintaining an open-door policy and fostering collaboration played a crucial role. Feedback with cross functional teams and teamwork was the key to delivering a seamless handoff of the final designs.
1
Successful Collaboration
This feature is still being built, but it was a big success in terms of cross-functional collaboration and testing it with users and internal teams
2
Improving the GMS application
In addition to building this feature in the admin tool, we'll be improving the look and feel of the "Manage Team" page in the GMS application for current users
3
Customization for users
This feature will give our users much-needed customization for their structure and needs, improving their overall user experience
RBAC Case Study
This project introduced a custom roles and permissions feature for seamless access control.
Timeline
Aug 2024 - Present
Role
Design Lead
Responsibilities
User Research
Information Architecture
Design Ideation
Usability Testing