Boosting security for a Developer tool web app with the Service user feature
-
Client
Humanitec
My Role
Product Designer
Duration
5 weeks
What I did
Tools
Metrics
Strengthen API Token security
As reported by users.
9% increase in NPS score
Increased brand trust as evidenced by customer feedback.
In platform orchestration which Humanitec does, user trust and security are paramount. The Service User and API token feature is pivotal in ensuring the right access to a company's infrastructure.
Interactive Prototype showing the ‘Add a Service user’ flow
Unfortunately, we didn’t have a video record/documentation of Sales calls, so I had to resort to a workshop with Sales guys, and other members of the wide cross-functional team. Also, I wasn’t able to get customers for an interview.
The problem and problem statement
For each Service user, there are 3 levels of control/permissions -
Administrator: Has full access to everything within the Organization in Humanitec.
Manager: Same as the Member Role. In addition, can invite and remove Users from the Organization in Humanitec, issue API tokens, and create Apps.
Member: Can access Apps they have a role for.
Details I added to the Service user feature designed based on findings from internal Workshop, Competitive Analysis, and AB Test.
What's the Users' understanding of Service Users?
What's the optimal placement for Service users within the Humanitec application?
What's our customer's comprehension of the Service user's permissions?
What's our customer's awareness of the Service Users and API tokens relationship?
I studied Google Console & Vercel for insights into similar features, and process.
Competitive Analysis of Google console and Vercel
I did a Feature Roadmap with the cross-functional team for Prioritization
Site navigation of the API Token feature
Design system in Storybook
These are the sketches I made
I ran through various version of UI design, presenting to the team, and iterating
Wireframes evolved into high-fidelity designs using the Design system housed in Storybook. Various rounds of iterative improvements were guided by Stakeholders and the entire team's feedback, emphasizing UI clarity.
The team includes PMs, Front-end Engineers, Back-end Engineers, QA Engineers, Field Engineers, the other Designer, the CTO and Sales team.
The prototypes of both options A & B
While sketching, I discovered the Service user feature can sit in 2 places within the web application - within the Org members page and on the Side panel/bar. I designed two versions of the UI with the two placements and presented them to the team for feedback.
Option A with Service users in the Org member page
Option B with Service users in the Side panel/bar
Option A with Service users in the Org member page
Option B with Service users in the Side panel/bar
A/B test with Maze favored Option B, featuring Service Users as a standalone on the Side bar, improving task completion rates and times.
PS - It was hard finding an A/B software that caters to entire flows, as opposed to one landing page. So I settled on creating 2 different Maze projects.
-
Option B with Service user as a standalone performed better with more task completions and less drop offs, as opposed to the other one. Also, it had better time on task.
The result of the AB test
On educating users, I started with the in-house users, the Humanitec Developer team (consisting of all Front-end, Back-end, QA, Field, and Sales Engineers) all make use of the Humanitec app.
An in-house presentation for Humanitec's developer team clarified Service Users and API tokens for all relevant teams.
Also, blog posts, in-app tutorials, and onboarding guides (written by the PM, which I contributed to) about Service users are available on Humanitec’s website, to increase user adoption and reduce the customer’s time to value (TTV).
My key takeaways were:
This design-focused case study demonstrates addressing security and usability issues with Service Users and API Tokens, emphasizing user-centric design principles. Key takeaways:
Other Projects
Cardax RedesignWeb Design
Redesigning for valueWeb Design
Streamlining resource definition with co-provisioning for efficient customer workflows.Web Application
Online Health Community WebsiteWeb Design
Automating an Asset Management company's offeringMobile App Design
Branding for GoBartaBrand Identity