Problem space

While developing a multi-faceted managed services web app, numerous user flows require collaboration across different levels of team hierarchy. This involves managing user permissions, defining user roles, modifying account details, and adding new users— essentially, implementing an effective & scalable User Management flow.

Based on multiple business use cases, user research & insights from SMEs, it was identified that there was a need to create a new feature to allow admins manage custom role creation and permissions, as well as assign roles to other users. This feature was to be designing to directly help with the increase in user adoption and retention while also preventing any data privacy risks.


Conceptualise a robust user management model to accommodate all the user needs & business use cases thereby solving the roles and permissions problem.

Step by step approach to defining the problem

In order to build a logical user management system with different roles and permissions in hierarchy, the first step is to identify the main actions that the users need to perform in the application. Once the possible user flows are in place, including all the edge cases, we then move on to identifying who performs what action?

That decision is made based on several factors. For instance:

  • Hierarchy
  • Ownership
  • Owner vs client
  • Privacy
  • Paid feature etc.

Based on such factors, we list out a set of assumptions that paves way for defining the different roles.

The concept is defined as the RBAC system or Role Based Access Control system.

Process Summarised


The first step was to understand the business context and the overall functionality of the web-app.


The second step was to break down the feature into different user stories and freeze on the assumptions to be considered. Different roles were also defined in Parallel with certain fixed permissions assigned to each of them.


Drafted out different user flows based on the assumptions and different roles as defined in the previous step. This was done to derive the shortest and the most intuitive task flows for each user role.

Defining roles & PErmissions


  • Adds new account & user details together
  • Adds new account details & adds user details later
  • Adds user and links them to one or multiple accounts
  • Create new account with existing and/or new user(s)
  • Create new user and link to existing account(s)
  • View/Modify user
  • View/Modify account

Defining assumptions

  • Orgs. can exist in Internal side UI without users assigned
  • Owners & Ops members will be linked to Internal account only
  • Client side Admins & Users cannot exist without any accounts linked to them
  • Same person can be an admin on one org. but a user in another
  • Permissions set for an org. permeate similarly for the admin but not the users
  • Only Super admin can add new super admins.
  • Possible to add one user to multiple accounts
  • Possible to add multiple users to one account

Task flow

01 / 05
These task flows were later translated into wireframes followed by High fidelity mocks. The final designs cannot be shared due to confidentiality clause.