Role Assignment 

PingOne Platform
OVERVIEW

Background
When assigning roles to a user, the PingOne admin console presents an exhaustive list of roles along with the corresponding environments and organization in which they can be assigned to.

Challenge
This enumerated display of roles can overwhelm both the console and the console interface, especially with the introduction of custom roles, which will significantly increase the number of permutations. This poses both technical and interface challenges, leading to scalability issues.

​​​​​​​
In this screenshot, the 'Identity Data Read Only' role appears twice because is assigned in two distinct environments.

For large enterprises with multiple environments, the current model can quickly become overloaded.




Solution
The redesign breaks down the role assignment process into this model,
Backend pagination is implemented to prevent the service from getting overwhelmed or breaking down.






Old Users > Roles Page 





New Users > Roles Page 


In panel view mode, administrators begin from clicking on the “Grant Roles” button to start assigning responsibilities to this user.




Grant Role

In panel edit mode, a list of roles is shown.

Administrators expand the role by clicking on the chevron icon to view all environments and organization (if applicable) that they have the permission to assign to this user.

Incorporating feedback gathered through user testing, the design and content language were refined to enhance clarity.


The distinction between assigning roles at the organization level versus the environment level is clearly articulated in the organization description.




In scenarios where access can be limited to populations within a environment versus when access is restricted to populations solely within that environment (no environment-level assignment can be granted) is indicated by the reduce icon button and the “Limited Access” chip when access is scoped down and description to explain when access is solely restricted to a lower level.
Limit Access modal lets the administrators to restrict the access even further.

Limit Access Modal

Granted Responsibility Tab 

The Granted Responsibility tab shows all the responsibilities that the administrators have assigned to the user. Each section is expanded by default.




Process
The development required significant engineering effort, involving API and service modifications.

Throughout the implementation process, I collaborated closely with both the engineering and UX development teams to ensure alignment and achieve our shared goals.


Outcome
This redesign enhanced scalability in both the user role assignment interface (frontend) and platform infrastructure (backend), enabling the rollout of the custom role feature and accommodating enterprise-level customers' ever-growing number of environments. 

This solution reduced complexity of the assignment process by breaking it down and provided much-needed clarifications within context for admin users.

Back to Top