Role Assignment
PingOne Platform
When assigning roles to a user, the PingOne console presents an exhaustive list of roles along with the corresponding environments and organization in which they can be assigned to.
This enumerated display of roles can overwhelm both the console and the console interface, especially with the introduction of custom roles, which will significantly increase the number of permutations. This poses both technical and interface challenges, leading to scalability issues.
This enumerated display of roles can overwhelm both the console and the console interface, especially with the introduction of custom roles, which will significantly increase the number of permutations. This poses both technical and interface challenges, leading to scalability issues.
In this screenshot, the 'Identity Data Read Only' role appears twice because is assigned in two distinct environments.
For large enterprises with multiple environments, the current model can quickly become overloaded.
For large enterprises with multiple environments, the current model can quickly become overloaded.
Old Users > Roles Page
New Users > Roles Page
In panel view mode, administrators begin from clicking on the “Grant Roles” button to start assigning responsibilities to this user.
The redesign breaks down the role assignment process into this model,
Backend pagination is implemented to prevent the service from getting overwhelmed or breaking down.
Grant Role
In panel edit mode, a list of roles is shown.
Administrators expand the role by clicking on the chevron icon to view all environments and organization (if applicable) that they have the permission to assign to this user.
Administrators expand the role by clicking on the chevron icon to view all environments and organization (if applicable) that they have the permission to assign to this user.
Incorporating feedback gathered through user testing, the design and content language were refined to enhance clarity.
The distinction between assigning roles at the organization level versus the environment level is clearly articulated in the organization description.
The distinction between assigning roles at the organization level versus the environment level is clearly articulated in the organization description.
In scenarios where access can be limited to populations within a environment versus when access is restricted to populations solely within that environment (no environment-level assignment can be granted) is indicated by the reduce icon button and the “Limited Access” chip when access is scoped down and description to explain when access is solely restricted to a lower level.
Limit Access modal lets the administrators to restrict the access even further.
Limit Access Modal
Granted Responsibility Tab
The Granted Responsibility tab shows all the responsibilities that the administrators have assigned to the user. Each section is expanded by default.
This feature required significant engineering effort, involving API and service modifications.
Throughout the implementation process, I collaborated closely with both the engineering and UX development teams to ensure alignment and achieve our shared goals.
Throughout the implementation process, I collaborated closely with both the engineering and UX development teams to ensure alignment and achieve our shared goals.