A blue sky redesign for an identity access control tool
about
Our team was urgently tasked with reimagining Solliance’s Policy Server, an access management tool. In a fast-paced 2.5-week sprint, we analyzed the existing app, gathered stakeholder insights, and identified key pain points. Through rapid iteration, we designed a clearer, more intuitive way to visualize policies, hierarchies, and user roles. The final deliverable was a concept to support stakeholder pitch.
my role
Conducted a UX audit of the existing application.
Spoke with Solliance stakeholders to uncover user frustrations.
Mapped the existing app's info architecture and site structure.
Transformed insights from stakeholder discussions into a high-level design concept.
agency
Border
Timeline
Sep 2024
Team
UX: JT, Myself
Overview
Policy Server is a Solliance platform that helps organizations manage and control user access, roles and permissions.
Policy Server sought help to simplify policy visualization, making creation and role setup more intuitive. We reimagined policies as hierarchies to improve managing them across organizations.
Problem
Policy Server’s outdated UI made it hard for users to navigate complex policy structures, causing mistakes and increased customer support needs.
A challenging inherit aspect of Policy Server is that policies can contain child policies with user roles and permissions that can nest indefinitely. The existing UI made it difficult to quickly understand the structure and setup of these policies at a glance.
scope and contraints
The project spanned over a 2.5-week design sprint.
The main goal was to have a polished, high-level, design concept that could help the key stakeholder pitch the idea to their business partners. This would ultimately lay the foundation for a full redesign of the application in the future.
process
I used an iterative lean UX approach.
Assess
We gained access to the existing application and interviewed stakeholders to assess the current product experience.
An example of the original Policy Server UI, showcasing mock policies and roles within the policy tree.
Original policy page showing nested child policies, roles, and permissions.
What I learned:
1. Policies are hard to visualize
The policy tree, which displays nested policies and roles, is hidden behind an unlabeled icon, making it nearly inaccessible. Users struggle to plan and understand their organization’s policies at a glance without digging.
2. No way view a policy without the ‘nonsense’ of roles
Managing user roles is essential, but visualizing policy hierarchies is equally critical. The current UI lacks filters or other mechanisms to solely view policies without roles within the tree.
3. Navigating nested child policies is tedious
The UI forces users to dig through nested pages to understand how roles and permissions are set up. There is no way to view other policies while staying in context of a connected policy.
4. Inherited roles are impossible to track
There’s no way to see which user roles are inherited in child policies from the root policy. This often leads to duplicate roles and permissions. Users can’t easily identify incomplete roles or policies needing attention, hindering effective policy management.
Interview highlights:
Need for visibility
"If I can’t visualize my policy when creating it, how do I plan with that?"
Stakeholder #1
Progress awareness
"When creating my policies, it would be helpful to know "What have I done so far?"
Stakeholder #1
Focusing on what matters
"You’re going in with a different lens sometimes. Maybe I just want to see policies [not roles]."
Stakeholder #1
Seamless navigation
"I want the ability to seamlessly drill directly to another policy while viewing a different policy."
Stakeholder #2
site map
I mapped the architecture of the existing UI to understand the current structure.
object mapping
We created an object map to understand the relationships between policies, tenants, user roles, assignments and permissions.
Essentially, a policy can be made of:
finalized concept
Plan, create, visualize and manage with the new policy hierarchy map.
We replaced nested pages and tables with a collaborative hierarchy map, making access management more intuitive. The customizable board keeps users in a high-level view, enabling easy visualization, planning, and management.
Instantly search to jump to a policy or role.
We introduced the idea of a smart filter search bar at the top of the board, reducing navigation time to find a specific policy, role, or permission.
Expand or collapse policies and roles to simplify.
View policies without the nonsense of roles while still in the visual context of child policy. View how many users are assigned to a particular role at a glance by expanding a policy card.
Swiftly add a policy at any point within your hierarchy.
Create a new policy in as simple as a few clicks without leaving the screen.
Add permissions, roles, and users to a policy without losing context.
We advocated for editable side panels of policies to keep users within the overall context of the hierarchy. This was so we could steer away from the complex breadcrumbs and nested pages, keeping the users on the same board at all times.
Easily see which roles are inherited and need attention.
An icon now indicates whether a user role was previously created at the root policy level. Additionally, bolded user counts help highlight roles needing attention, indicating that no users are currently assigned and should be mapped.
Quickly zoom across your organization's structure.
To further address the pain point of visualizing policy structures at a glance, we’ve proposed including a map that gives an arial view of the board.
Takeaways
Challenging UI conventions for better usability.
Traditional UI patterns, like breadcrumbs, initially seemed helpful but proved ineffective for deeply nested policies, becoming overly long and complex. This highlighted the need to rethink conventions when they don’t serve the task. Through this and similar projects, I’ve learned that simplification is key — small enhancements like filters or visual indicators can greatly improve usability and satisfaction.
Designing with, not just for, users.
User interviews revealed critical frustrations, reinforcing the value of a user-centered approach. The inability to visualize policy hierarchies caused confusion and inefficiencies, while missing features—like focusing on policies or understanding inherited roles — led to errors. Involving users early helps uncover key pain points, accelerating collaboration and innovation, even under tight deadlines.