A New Way To Manage Roles and Permissions
Reimagining roles and permissions is no easy task, but someone had to do it 😎
Authentication, authorization, and access control to a cloud service is an important topic, especially when rolling out in larger enterprises. When we decided to level up the roles and permissions in Crystallize, we wanted to think differently.
How can we make a role-based permission system that is easy to understand and efficient to use?
The design team has worked closely with the product team to combine the required complexity with an intuitive and visual interface. Resulting in a slick (if I may say so) representation of what a role can access in Crystallize.
The visual dashboard for the roles gives you a quick and visual overview of what users assigned to a role have access to. Much like a talent tree, you have seen in some games. Yes, we love to take inspiration from gaming and consumer-based types of interfaces - even though Crystallize is strictly targeted towards the B2B market.
You can see the new interface below.
We wanted to make the editing process as simple and intuitive as possible. Simply click the concern and the function(s) you want to grant access to, and you are done. For more verbose information, we designed the right sidebar to give you explicit information on the details of the role.
To keep it light and in the Crystallize brand, we even decided that a pink mushroom visualizes that there is a condition on a specific concern.
In addition to having the fine-grained permissions that can be assigned to users, we decided to create a new concept of UI preferences. These settings, per role, affect how the App UI in Crystallize behaves, while the permissions affect the API and the UI.
The case for this is when the editorial teams, e.g., work on different markets and would like to show only the relevant prices for them. The screenshot below shows a UI preference where you cannot see the prices that are in EUR, while you can only see the NOK retail prices but can edit the NOK sales prices.
Also super useful if the retail prices are, e.g., imported from an ERP, and you only want to allow editorial editing of the sales price.
You Should Also Read👇
Welcome aboard, tech enthusiasts! In today’s digital world, there’s no such thing as being too secure. With data breaches making headlines, it’s high time we pull up our socks and look at security essentials.
So, what’s all the hullabaloo about authentication vs. authorization?
Well, let’s break it down.
These two A’s are like the Batman and Robin of security protocols. They work hand in glove to protect the Batcave (read: your data). Hang tight, as we’re about to get down and dirty with these two superheroes.
Instead of building a better PIM, CMS, eCommerce, or order management service, we wanted to design an API layer you need to market and sell your products on any channel, at any scale, and in any way you want it. A perfect product story engine, if you will.