Governance Platform · Design deep dives

How three surfaces earned their shape.

Wireframe-level direction studies for three governance surfaces — role mapping, navigation, and the admin dashboard. Each one tested a different first question the screen could answer.

Only one direction shipped in each case. The rejected ones are kept on this page because a call only reads as a call when the alternatives are visible alongside it.

Exploration · SCIM role mapping

Three directions for mapping enterprise groups to platform roles.

Each direction solved a different fragment of the same problem — precedence, scale, and where the source of truth lives. The shipped surface is the one that finally admitted the IdP is upstream.

01

Rejected· no precedence

Flat list

One IdP group per row, one role per dropdown. Cheap to build, but two rows can silently disagree — and the admin has no way to predict which one wins.

02

Bridged· taught us order matters

Rule-based with precedence

Numbered rules evaluated top to bottom. Precedence becomes explicit, but the admin has to mentally run the list to know what any one teammate ends up with.

03

Shipped· IdP held upstream

Source-of-truth, layered

IdP groups

read from IdP

Mapping rules

precedence is explicit

Roles · workspaces

downstream of mapping

IdP groups are read directly, mapping rules carry precedence, and roles + workspaces sit downstream. The data model finally agrees with how enterprises already think about identity.

The system didn't become simpler by hiding complexity — it became simpler by naming where complexity already lives, and refusing to pretend otherwise.

Exploration · Governance navigation

From a settings page to a governance command surface.

Each direction shifted the centre of gravity of the admin experience — from configuration, to operational domains, to the running state of the system itself.

01

Rejected· opens to the least operational page

Settings-first

A long, flat list of settings. Every feature is equally visible. The default landing page is configuration — the page no admin opens deliberately.

02

Bridged· domain model, wrong homepage

Operationally grouped

Sidebar grouped by governance domain. The mental model improved, but the surface still landed on configuration — operational state lived one click deep, never first.

03

Shipped· opens to the running system

Health-first command surface

The homepage is a governance overview. Configuration is one click away, but it answers the operational question first — what changed, what needs attention, what is healthy.

Navigation isn't a list of features. It's a promise about which question the surface is built to answer first.

Exploration · Admin dashboard

Three early directions for the governance dashboard.

Each direction picked a different first question the surface should answer: how is the system performing, what is on my plate, or what is the posture right now.

01

Rejected· answers a question admins don't ask

Analytics-first

KPI tiles and charts above the fold. Looked competent in screenshots, but it answered a reporting question — not the operational one admins open this page to find.

02

Bridged· informed the attention region

Operational workspace list

Attention at the top, workspaces grouped by posture, activity below. Solved the operational question, but the layout was horizontal — it threatened to grow into a flat dumping ground.

03

Shipped· a centre of gravity

Health-first command surface

Identity
Lifecycle
Audit
Resilience

Posture summary frames the page, attention sits immediately below, and workspaces + activity support — not compete. Configuration is a sibling, not a priority.

A dashboard is a question, not a layout. The decision that mattered was choosing which question deserved the centre of the screen.

Wireframes · Direction studies

Three early directions for the governance dashboard.

Each one tested a different first question the surface could answer — KPI summary, sectioned workbench, or insight-driven flow. Only the third one shipped, but the first two earned their place in the reasoning.

01Direction set

Three direction studies, in the same scale, with one short note each. The shipped surface inherited its shape from the third — but the first two are kept here because the call only reads as a call when the rejected directions are visible alongside it.

Direction 01 — KPI card grid. A summary-tiles approach to the governance home, rejected as too reporting-led.
01 · KPI card grid — summary-first. Did not ship.
Direction 02 — sectioned workbench. A domain-grouped approach to the governance home, considered as an alternate.
02 · Sectioned workbench — domain-grouped. Considered, did not ship.
Direction 03 — insight-driven flow. The exploration that shaped the shipped governance dashboard.
03 · Insight-driven flow — posture-first. Shipped direction.