Designing Modern Enterprise SaaS: Users and Access Management
Our SaaS Administration series examines the design and architecture of modern SaaS solutions. This article examines the most common need in SaaS administration: admitting users into the application and defining what they can (and can't) do.
B2C and B2B SaaS offerings differ in how they onboard users. The B2C variety acquires users one by one via email verification. The B2B variety relies on adoption by a business enterprise, with each user registering through an activation process initiated when a SaaS administrator creates an account.
Admin panels often support: viewing and searching users, creating or editing users, activating/deactivating users, bulk user import, and IDP/SSO configurations.
The most important need after user management is establishing what users can do. One of the most prevalent schemes is role-based access control (RBAC), which focuses on defining a role as a collection of permissions. RBAC is extremely flexible, especially when each user can be assigned more than one role. It also serves to future-proof the SaaS when new capabilities are introduced.
Excellent UX design recognizes that permissions must be defined carefully, such that they function independently. In a faulty design, inter-permission dependencies will quickly make RBAC very complex and lead to complicated workflows and bugs.
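An added example, not from the original article: a minimal RBAC model in Python where a role is a set of permissions, a user's effective permissions are the union across all assigned roles, and a lint (`dependency_gaps`) lists the holes that a design with inter-permission dependencies leaves in its role definitions. The role names, permission strings, and the rule that a deactivated account holds no permissions are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed role catalogue: each role is a named collection of permissions.
ROLES = {
    "viewer": {"report.view"},
    "editor": {"report.view", "report.edit"},
    "user_admin": {"user.view", "user.create", "user.deactivate"},
}

@dataclass
class User:
    email: str
    roles: set = field(default_factory=set)
    active: bool = True  # assumption: a deactivated account holds no permissions

def effective_permissions(user, roles=ROLES):
    """Union of the permissions of every role assigned to the user."""
    if not user.active:
        return frozenset()
    granted = set()
    for name in user.roles:
        granted |= roles.get(name, set())  # an unknown role grants nothing
    return frozenset(granted)

def is_allowed(user, permission, roles=ROLES):
    """Deny by default: one membership test, no knowledge of other permissions."""
    return permission in effective_permissions(user, roles)

def dependency_gaps(roles, requires):
    """For a design where permissions depend on each other, list every
    (role, permission, missing prerequisite) a role definition leaves open."""
    gaps = []
    for name, perms in sorted(roles.items()):
        for perm in sorted(perms):
            for needed in sorted(requires.get(perm, set()) - perms):
                gaps.append((name, perm, needed))
    return gaps

if __name__ == "__main__":
    alice = User("alice@example.com", {"editor", "user_admin"})
    print(sorted(effective_permissions(alice)))
    # Faulty design (constructed): report.export only works with report.view.
    faulty = dict(ROLES, exporter={"report.export"})
    print(dependency_gaps(faulty, {"report.export": {"report.view"}}))
```

With independent permissions the `requires` map is empty and the lint has nothing to report; every dependency added to it is another combination the admin UI has to explain and the role editor has to validate.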
User and access management are core needs of any SaaS application. Both the user onboarding method and the permission scheme will heavily influence the UX design. UX needs to take a holistic view of the SaaS application, which includes the underlying admin capabilities.
Matt Genovese is the founder of Planorama Design, a product acceleration firm helping enterprise software and AI teams ship better products faster. With a background spanning hardware verification, UX design, and AI integration, Matt brings a cross-disciplinary perspective to complex product challenges.
The first in a series on designing administration experiences for enterprise SaaS platforms.