Here Admin Console

Designing a Unified Admin Experience for User and Content Management with Role-Based Permissions (0→1)

Role

Lead Product Designer

Client

Financial Corporations

Team

1 Design Manager, 1 PM, 3 Engineers

Introduction

What is the admin console?

The Here Admin Console is a centralized web-based platform that helps enterprise clients efficiently manage user access, content distribution, and permission controls within a secure browser environment (the Here Enterprise Browser).

Without a unified platform, the client faces rising costs and inefficiencies.

Our clients use the Here Enterprise Browser and Workspace UI Components to create and distribute customized workspaces for their users. Managing these workspaces requires various administrative configurations. Previously, administrative tasks were handled through legacy apps, verbal communication and hands-on coding sessions, leading to high communication, development and maintenance costs. To solve this, we designed an admin console from 0 to 1 as a turnkey solution, allowing administrators to securely manage users, distribute content, and configure settings with ease.

Design Impact

The successful release of the admin console played a key role in retaining and upselling our contract with one of our largest financial clients, resulting in 40% decrease in support request related to configuration issues and contributing to 75% reduction in contract closing time. It also results in:

3+

New Contracts

2200

Deployed Desktops

25,000

Future Users

Design Showcase

While the admin console contained many powerful features, this case study zooms in on one of the most critical: User management and content permission management via Groups and Roles.

Intuitive User Management

User Creation - Manual & Bulk Upload

User Group Management - Flexible Nest Group Structure

Content Creation and  Group-based Content Assignment

Role-based Content Permissions

The Design Challenge and Pivot

From Client Assumptions to Scalable Design: A Pivot Driven by Real Users

The First Design: A Tight Deadline and a Client-Led Mental Model

Understanding what has been working

When we kicked off the project, we were under tight time pressure. There was strong urgency from the business to move fast and show progress to retain the client. Ideally, we would’ve done more in-depth discovery upfront, but given the deadline, we leaned heavily on how the client described their existing system—where each piece of content defined its own permissions, and roles were built from those.

Breaking down existing experience into unified flows

Based on the workshops and what we’ve learned from the clients, in our first iteration, we designed:
• A permission panel inside each content definition page
• A roles section that pulled from those scattered permissions

Existing Flow

Finding #1: Redundancy and Complexity at Scale

Admins have to frequently redefine the same types of permissions.

If I have to define the same permission for every new content, it’s going to get messy fast.

Finding # 2: Misalignment with Third-Party Apps

The model assumed the system could enforce permissions, but that broke down for external tools like Salesforce or FactSet.

This feels misleading. I might think I am enforcing control where I can’t.

The Pivot: From Per-Content to Universal Permissions

To address the user feedback, We proposed a fundamental change:
• Extract permissions out of content and define them universally
• Build roles from these standardized permissions
• Link content to roles or groups cleanly, without redundancy

Updated Design

Results and Takeaways

• The updated model made the admin console easier to scale as new content and users were added
• Even fast, internal testing surfaced critical misalignments
• Good design means asking better questions—even when time is tight

To Learn More

to learn more about my research and iteration process as well as how design system plays a role in scaling the product, feel free to contact me for further information.