Here Admin Console

Designing a Unified Admin Experience for User and Content Management with Role-Based Permissions (0→1)

Summary

What is the admin console?

We designed a scalable admin console that lets enterprise clients manage users, content, and permissions in one secure place inside the Here Enterprise Browser.

Role

Lead Product Designer

Time

Q2 2024

Client

Financial Corporations

Team

1 Design Manager, 1 PM, 3 Engineers

Background

The problem - no unified platform

Before this project, there was no admin console in place. Admins had to rely on a mix of legacy tools, back-and-forth messages, and manual engineering work just to manage users and content. This caused frequent confusion, delays across teams, and high support and maintenance costs.

What we built - an admin console

As the lead designer, I partnered closely with product and engineering to design and launch the first admin console from the ground up. We created one clear and secure place where administrators could create users, assign roles, manage content, and adjust settings. The experience was built to be fast, reliable, and easy to understand, even for non-technical users.

Why it mattered - usability & business perspectives

The new console made everyday tasks much smoother for admins and reduced the need for engineering help. On the business side, it added real value to the browser product by giving clients more control and flexibility. This helped strengthen long-term client relationships and made the product easier to sell to new enterprise customers.

Design Impact

The successful release of the admin console played a key role in retaining and upselling our contract with one of our largest financial clients, resulting in 40% decrease in support request related to configuration issues and contributing to 75% reduction in contract closing time. It also results in:

3+

New Contracts

2200

Deployed Desktops

25,000

Future Users

Design Highlights

Before I show the design process, these are core features from the final design we shipped, each shaped through iteration and built to solve real needs for enterprise admins.

User Management: Individual and Bulk

Managing users at scale was a major challenge. We designed a system that lets admins add or update users individually, or in bulk using CSV import. Table features like search, sort, and batch actions make it easy to manage thousands of users while maintaining clarity and control.

User Management via Flexible Group Structure

Enterprise teams rarely fit into a single hierarchy. To reflect real-world team models, we enabled admins to assign users to multiple groups. Whether managing departments, locations, or cross-functional teams, this flexibility made user management more intuitive and scalable.

Content Configuration and Access Assignment via Groups

Admins needed a reliable way to distribute the right content to the right teams. We introduced a content editor and an assignment flow that lets admins configure materials and assign them by group. Each piece of content can be linked to multiple groups, making it easy to deliver targeted information across the organization.

Content Permissions through Roles

Controlling access was a critical need. We built a role system that lets admins define custom permission sets and assign them through a guided flow. This made it easy to control who can view, edit, or have other unique access to certain content without relying on engineering.

Design Process

Turning Client Assumptions into Scalable Designs — How Real Users Helped Us Pivot

#1 Research, Ideation & First Iteration

Understanding the users and their goals

3 main admin personas

When we kicked off the project, we were under tight time pressure. There was strong urgency from the business to move fast and show progress to retain the client. Ideally, we would’ve done more in-depth discovery upfront, but given the deadline, we leaned heavily on how the client described their existing system—where each piece of content defined its own permissions, and roles were built from those.

2 key tasks

Despite their differences, admins shared two essential tasks:
- Grant users access to company content
- Define and manage content permissions

How might we design a system that works for both technical and non-technical admins

We mapped out workflows based on the client’s existing experience

The initial logic followed a content-to-group model:
- To give users access to content, both the users and the content had to be assigned to the same group.
- To achieve different content authorization, roles containing different permissions will be assigned to users

Content Access via Groups

To grant different users access to content, the content needs to be assigned to a group.

Unique Permission Each Content & Role Creation

Permissions are defined uniquely inside of each content, and roles are created based on those unique permissions.

Role-Based Permission Distribution

By assigning roles to different users, users in the same group can obtain different levels of permissions.

But, how does everything translate into a flow and design?

User Story

Admin wants to distribute a FX Blotter app to the Banking department, but only the manager has the edit permission, rest of the team can view the app.

User Flow

First Round MVP & Flow

#2 User testing & Updates

User testing that leads the pivot

We mapped out workflows based on the client’s existing experience

We tested this first version with 6 admins from internal and client teams to see how well it worked in practice.
Feedback quickly revealed two major issues:

Finding 1:  Redundancy and Complexity at Scale

Admins have to frequently redefine the same types of permissions.

If I have to define the same permission for every new content, it’s going to get messy fast.

Finding 2: Misleading Control

The model assumed the system could enforce permissions for all apps, but that does not work for external apps like Salesforce or FactSet.

This feels misleading. I might think I am enforcing control where I can’t.

The Pivot: From Per-Content to Universal Permissions

These insights made it clear: our current model was too complex to scale and too rigid for real-world use. We needed a new approach. So we made a bold shift:

Permissions are now defined universally, not per content

This allows permissions to be defined once and recycled, eliminating repetitive work.

Roles are built from standardized permission sets

Content links to roles and groups without duplication. Admins can now create roles once and assign them via a flexible dual list UI — no need to reinvent logic for every piece of content.

Updated Design

#3 Results & Impact

• Simplified user creation and permission workflows
• Fewer clicks, less confusion
• Led to a successful contract renewal and 3 new enterprise contracts
• The admin console is now live on 2,200+ desktops, with plans to scale to 25,000 users

3+

New Contracts

2200

Deployed Desktops

25,000

Future Users

To Learn More

This case study highlights just a slice of the full admin console design.
Curious how we handled stakeholder pushback during the pivot, tackled features like integrations, made key design decisions, or leveraged design systems to move fast without breaking things? Feel free to reach out and I’d be happy to share more!

Let's Connect

LinkedIn
Email
Resume