Case Study

Introducing Permission Roles for VCAT Business Portals

5min read

Objective

Enable real estate businesses using the new VCAT business portal to operate under a single organization account with defined permission roles, restoring company-level collaboration that existed in the legacy portal while complying with stricter security requirements.

• Replace legacy shared credentials with a secure, role-based hierarchy.
• Fold individual user accounts into organization-based accounts.
• Introduce three permission roles: Org Admin, Branch Admin, Regular User.
• Achieve this via a one-off migration, not a full product re-architecture.

Impact

I identified critical gaps in the initial permission model and reshaped the solution to better reflect real-world workflows.

• Facilitated design walkthroughs and focus groups with external stakeholders.
• Discovered the need for three tiers instead of two and introduced branches in the database and UI.
• Designed and prototyped a three-tier model with branch-level filtering.
• Collaborated with architects and developers to align the solution with technical feasibility.

Problem

The initial design featured a two-tier permission system (Admin / Regular User), which did not support real estate business workflows.

Key issues:

• Large or franchise companies would see all cases across all branches, creating noise and operational inefficiency.
• Small agencies were less impacted, but high-volume users could not work effectively.
• Stakeholders perceived the new portal as less functional than the legacy system, risking trust and adoption.
• The challenge was to realign an already-decided solution without major rework.

Hypotheses

• A three-tier hierarchy (Org Admin, Branch Admin, Regular User) better reflects company structures.
• Branch-level segmentation with filters would prevent information overload for large organizations.
• Borrowing SaaS permission patterns (e.g., Miro) would reduce confusion and adoption risk.
• Edge cases, like removing a user, could be handled via reassignment flows to avoid orphaned cases.

Opportunities

• Filters and tables: Low-technical-effort change delivering high user impact.
• Right-time permission expansion: Adding a third tier while designing the system minimized future rework.
• Leverage familiar SaaS patterns: Reduced risk and provided a clear reference model.
• Feature matrix for alignment: Helped architects, developers, and stakeholders understand and compare role responsibilities.
• Single source of truth: The matrix was reused internally and externally for consistent communication.

Key Insights

• Structural, not visual problem: Permissions and branch-level data needed to exist in the backend first.
• Real-world hierarchies vary by company size: Three tiers were essential for large franchises.
• Feature matrices clarify complexity: Helped technical teams understand roles, reducing miscommunication.
• Established patterns reduce risk: Borrowing familiar SaaS workflows increased stakeholder and user confidence.

Design Explorations / Deviations

• Filter vs search: Filters were retained to support branch segmentation.
• Branch display: Single table with filters chosen over separate tables for clarity.
• Microcopy & flow tweaks: Deferred some minor “delight” elements to reduce scope.
• Scope trimming: Adjustments for implementation sizing were considered, but the core three-tier and branch model remained intact.

Solution

• Three-tier permission model: Org Admin / Branch Admin / Regular User.
• Branch concept: Users can view cases per branch.
• Filtering options: Filter out closed cases or view only relevant subsets.
• SaaS-aligned workflows: Familiar patterns reduce learning curve.
• Validated with stakeholders and reconciled technical, operational, and user needs.

Outcome

• Prototype feedback: Highly positive from external stakeholders.
• Pre-launch expectations: Build closely mirrors prototype; minimal usability backlash anticipated.
• User benefits: Branch-based visibility, role-based permissions, and filtering improve efficiency over legacy portal.
• Operational benefits: Reduced support inquiries, more efficient workflows.
• Trade-offs: Reporting dashboard deprioritized in favor of table exports or Power BI integration.
• Strategic impact: Demonstrates listening to users and improving trust in the portal.

What I Learned

• User validation is paramount: Assumptions from peers or business stakeholders are insufficient.
• Communicate abstract ideas effectively: Prototypes, slides, and structured artifacts help users visualize experiences.
• Leverage internal support: Comms/project teams allow designers to focus on design while managing scheduling and expectations.
• Tailor communication to your audience: Developers and architects prefer logical matrices for complex permissions.
• Balance influence and collaboration: Guide solutions while incorporating stakeholder input.
• Patience and persistence: Multiple sessions and iterative discussions are necessary for alignment and buy-in.