SaaS Design · 7 min read · Published March 25, 2022

Designing Modern Enterprise SaaS: Content Access Management

Matt Genovese
Founder, Planorama Design

Planorama's SaaS Administration series examines the design and architecture of modern SaaS applications. In this third installment, we focus on common considerations for managing content access.

Sources of content

Content comes from a variety of sources:

  • User Generated Content (UGC): SaaS users directly create content like articles, news posts, conversations, voting, reviews, etc.
  • System Generated Content: SaaS algorithms can also directly create content or create content from user input. Examples include dashboard summaries, auto-generated categories, and AI-generated information.
  • External Content: Content that reaches the SaaS application from the outside world, either through APIs or by interfacing with edge devices or IoT devices.

Tenancy to restrict content access

Most modern B2B SaaS applications use some type of tenanted architecture to segment configuration, content, and users into private areas for each customer. In a single-tenanted approach, everything is physically siloed per customer. With the more common multi-tenanted approach, the application is shared across customers but data must be properly isolated.

The admin panel for a multi-tenanted SaaS application handles two types of administration: management of the overall SaaS application above all tenants, and management within a particular tenant. A well-designed admin panel clearly identifies which type of configuration is happening.

Access control schemes

There are various access control schemes to manage content permissions. Notable schemes include Attribute-Based Access Control (ABAC), which employs attributes of the user, content, and context to form dynamic policies; Role-Based Access Control (RBAC), where roles define specific permissions; and User Groups, which define a set of content access permissions inherited by group members.
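The following sketch is an added example, not code from Planorama or from any product the article describes. It shows one way the tenant boundary from the previous section and the three schemes above can be layered in a single access decision: tenant match first, then permissions from roles and groups, then an attribute policy. All role, group, attribute and tenant names are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed sample mappings; role, group and permission names are assumptions.
ROLE_PERMS = {"editor": {"read", "write"}, "viewer": {"read"}}   # RBAC
GROUP_PERMS = {"reviewers": {"read", "comment"}}                 # inherited by members

@dataclass
class User:
    id: str
    tenant: str
    roles: set = field(default_factory=set)
    groups: set = field(default_factory=set)
    attrs: dict = field(default_factory=dict)

@dataclass
class Content:
    id: str
    tenant: str
    attrs: dict = field(default_factory=dict)

def abac_allows(user, content, context):
    """ABAC: policy evaluated over user, content and request-context attributes."""
    if content.attrs.get("classification") == "confidential":
        same_dept = user.attrs.get("department") == content.attrs.get("department")
        return same_dept and context.get("mfa") is True
    return True

def can_access(user, content, action, context):
    """Return (allowed, reason); tenant isolation is checked before any permission."""
    if user.tenant != content.tenant:
        return False, "cross-tenant"
    perms = set().union(*(ROLE_PERMS.get(r, set()) for r in user.roles),
                        *(GROUP_PERMS.get(g, set()) for g in user.groups))
    if action not in perms:
        return False, "no-permission"
    if not abac_allows(user, content, context):
        return False, "policy-denied"
    return True, "ok"

# Constructed users and content for the demonstration.
ALICE = User("alice", "acme", roles={"editor"}, attrs={"department": "finance"})
BOB = User("bob", "acme", groups={"reviewers"}, attrs={"department": "sales"})
CAROL = User("carol", "globex", roles={"editor"}, attrs={"department": "finance"})
REPORT = Content("q1-report", "acme", {"classification": "confidential", "department": "finance"})
MEMO = Content("memo", "acme", {"classification": "internal"})

if __name__ == "__main__":
    for u, c, a in [(ALICE, REPORT, "write"), (BOB, REPORT, "read"), (CAROL, REPORT, "read")]:
        print(u.id, a, c.id, can_access(u, c, a, {"mfa": True}))
```

Returning a reason alongside the decision lets the admin panel show why a user was denied, and a cross-tenant denial is worth logging separately because it should never occur in normal use.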

Impersonation

Impersonation is a useful technique where the SaaS administrator can experience the application as a specific user would, testing permission boundaries without creating fake accounts. This saves time and reduces confusion, as the UX design makes it clear when an admin is impersonating another user.

Closing thoughts

Content is at the core of SaaS applications. Defining who can access content is equally core. Recognizing this complexity and planning for it, coupled with professional UX/UI design that complements the data architecture, will simplify user configurations and prevent content from reaching the wrong hands.


Matt Genovese is the founder of Planorama Design, a product acceleration firm helping enterprise software and AI teams ship better products faster. With a background spanning hardware verification, UX design, and AI integration, Matt brings a cross-disciplinary perspective to complex product challenges.
