IBM Multi-Cloud SaaS Platform: Identity & Access Management

1 min read

Overwhelmed by too many tools, I designed an IAM experience for single too focused on security and efficiency.

My role

✶ Reserach
✶ UX

Team

✶ Rami
✶ Kidus
✶ Garrett
✶ Jim

Impact

✶ 60% saved development time
✶ 5X go-to-market speed
✶ Integrated across 20 IBM SaaS products

The Multi-cloud SaaS Platform (MCSP) aims to unify its administrative features. Users can manage accounts, subscriptions, billing, identity, access, and single sign-on through MCSP.

As the product designer, I had to research and define IAM features for MCSP. I worked with designers, product managers, developers, architects, and content designers across six time zones.

Today System and IT administrators use 8+ systems to buy and manage their IBM SaaS subscriptions. Managing clear IAM boundaries in a CLI is manual. It leads to redundancy, errors, and excessive approvals.

Simply put, who is this person? Are they allowed here? What are they allowed to do? Let’s ensure the right people have the right things for the right reasons.

The task was to create an experience for IT and System admins. It must let them identify, authenticate, and authorize any resource or entity, securely and efficiently, on a single platform. This included a focus on enhancing the onboarding experience and increasing adoption rates.

There are three parts to granting secure access to an organization’s resources, identity, authorization, and authentication. For us, the first phase only included identity and authorization.

✶ Identity management – A user list with the ability to add, edit, view, and remove users.
✶ Authorization (Access) management – Role-based Access Controls (RBAC) so they can manage their scope (an account, subscription, or instance) and entities (a user, user group, and service ID).

✶ Phase 1 released with six IBM SaaS products and Phase 2 planned for fourteen more.
✶ I worked with designers, product managers, developers, architects, and content designers across six time zones.
✶ The framework saves development time by 60%.
✶ Go-to-market deliverables increase speed by five times.

Our next challenge lay in providing seamless and controlled access to this workforce. This includes Single Sign-On (SSO), Federated Identity, (IdP configuration), and Just-in-Time (JIT) Provisioning.