Ascenda
Managing permissions on
Ascenda Business
Industry
SaaS
Enviroment
Web
Background
Ascenda connects verified, bankable SMEs with the ecosystem of service providers that can help them grow, through a trusted, centralised platform. Ascenda Business, the B2B side, gives service providers structured access to this data, offering functions that ideally require role-sensitive access to ensure things run smoothly.
Managing user permissions was a key challenge, as organisations needed to control team access, protect sensitive corporate and financial information, and maintain a clear audit trail of all interactions. Without a structured system, there was a risk of security breaches, inefficient workflows, and compliance issues.
At the time, our product was in beta, and we onboarded a small group of organisations to test, refine, and improve the system before a full launch. I worked as the sole designer, collaborating closely with a product manager, two engineers, and a scrum master to create a permissions model that balanced security, flexibility, and ease of use.
Role assignment has multiple paths, requiring intentional design for simplicity.
Balancing structure and flexibility
Understanding Ascenda Business’s diverse user-personas was key. VC firms had analysts, investment managers, and legal advisors, while banks had credit officers and compliance teams, all needing different access levels. With such varied needs, the challenge was finding the right balance between usability and security.
While we initially considered a fully custom permission system, early testing showed that users found it overwhelming. Instead, we introduced a tiered approach with predefined roles for simplicity, while allowing custom roles for more granular control.
Insights from workshops and focus groups helped refine permissions for these predefined roles. Admins have unrestricted access, Managers oversee operations, Analysts can view and engage with SME profiles but can’t modify company data, and Viewers have read-only access. This ensured teams could onboard new members quickly without complex configurations.
Possible actions
For organisations needing more control, custom roles allow for more precise permission management. From the roles screen, the admin can create new roles, define permissions by toggling access to actions like viewing financial data or managing SMEs. The role is then available for assignment once the configurations have been saved.
To prevent complexity, the permissions were grouped into categories, with clear descriptions and visual indicators for inherited or overridden settings.
We tested multiple variations of this UI, ultimately settling on the design that used progressive disclosure; hiding more configuration options by default but making them easily accessible when needed.
Assigning roles
Roles can be assigned in multiple ways to provide workflow flexibility. The most direct method is through the Roles & Permissions page, where Admins and Managers can select a predefined or custom role, review its permissions, and assign it to team members.
For quick adjustments, roles can also be assigned directly from a team member’s profile. This method is particularly useful when onboarding new users or making individual role changes without navigating away from their details. Admins can simply open the profile, select a role, and confirm the assignment, making the process seamless and immediate.
Batch role assignment is another efficient option. When onboarding multiple team members at once, Admins can select several users and apply the same role to all of them in one action. This is especially valuable for larger teams, reducing repetitive work and ensuring standardised access levels.
Real-time feedback displays affected users and flags any conflicts. For example, If a team member already had a role assigned, the system prompts the user with a warning message to prevent accidental role changes and ensure workflow continuity; particularly important for organisations with strict compliance policies.
If an Admin tries to remove their own access, the system prevents it. Users with lower privileges attempting to edit roles receive a clear message explaining their restrictions and directing them to the appropriate contact. These safeguards ensure a seamless experience, even in unexpected situations.
To maintain transparency, an audit log records every change; who modified roles, what was changed, and when. This helps teams track access adjustments and reinforces accountability. We monitored the audit logs to identify patterns of use, which led to further refinements in role structuring.
Outcome summary
The new permissions feature was added to the beta and significantly improved security and operational efficiency. Admins onboarded team members 40% faster compared to the previous, less structured process. Early data showed a 75% decrease in support tickets related to access issues, indicating that the new feature was intuitive and self-explanatory.
Feedback from beta organisations validated our approach. Users appreciated the feature for its simplicity, while enterprise clients valued the ability to customise permissions when needed. This balance made it easier for organisations of all sizes to adopt the system without excessive configuration overhead.
Subtle praise from the boss.
Learnings
After implementing the feature, the focus shifted to refining usability, integrating feedback, and ensuring scalability. Testing with CSPs improved predefined roles, permission descriptions, and onboarding. Analytics and audit logs enhanced security and compliance.
Looking ahead, the system will likely scale with HR tool integrations and advanced permissions. We plan to introduce automated role assignment rules based on user attributes, further reducing the manual work required by admins.
Now a core part of Ascenda, this feature helps businesses onboard faster, improve security, and scale operations. From a design standpoint, it’s structured yet flexible, driven by the real-world needs of the businesses using it.
And that’s what great design is all about, building systems that empower, simplify, and grow alongside the people who use them.
Back to top
Last updated December 2024.