Introduction
Managing user accounts and access is a critical aspect of any SaaS business, but it’s not always an easy task. As your business grows and you work with larger organizations, you’ll likely need to implement multiple levels of abstraction for your user and organization management. This can quickly become overwhelming and difficult to manage, especially if you don’t have a clear plan in place.
Fortunately, there are steps you can take to design a user management system that meets the needs of your business and your customers. In this article, I will present you with a practical design for a user management system that is both effective and scalable in a SaaS environment. Whether you’re just starting out or looking to optimize your existing system, this guide will provide you with practical advice and actionable tips to help you streamline your user management processes and provide a seamless experience for your customers.
Understanding Customer Needs
To create an effective user management system, it’s important to understand the different needs and expectations of your customers. Here are some key factors to consider:
Flexibility
Customers expect a high degree of flexibility in a SaaS user management system. They need to be able to customize their system to meet their unique needs and workflows, including setting up roles and permissions, creating and managing user accounts, and defining access levels.
Roles
Roles are an important aspect of user management, and customers need to be able to define roles and assign them to different users. This ensures that each user has the appropriate level of access to the features and data they need to do their job effectively.
Here is a simple example of a default set of roles you can create:
| Role name | Capability |
| --- | --- |
| Admin | The admin role is typically reserved for users who need full access to the system and have the ability to manage all aspects of the user management system. This includes creating and managing user accounts, defining roles and permissions, setting up access levels, and managing data and security settings. |
| Contributor | The contributor role is typically given to users who need to create and edit content within the system, but who do not have full access to all features or settings. Contributors may be able to create and edit content, upload files, and perform other basic functions within the system, but they may not be able to manage user accounts or change system settings. |
| Viewer | The viewer role is typically given to users who only need to view content within the system, without the ability to edit or create new content. This may include users who need to view reports, access data, or simply review content within the system. Viewers may have limited access to certain features or areas of the system, and their access may be restricted based on their role and permissions. |
Fine-Grained Permissions
In addition to roles, customers may also need fine-grained permissions to control access to specific features or data within their system. This enables them to provide different levels of access to different users or groups, ensuring that sensitive data remains secure. For me, roles and fine-grained permissions work together. Roles are only sets of permissions, and you should try to build your default roles as sets of permissions. If possible, permissions should follow a basic CRUD-like pattern; here is an example.
If we take the example of a SaaS application that manages a restaurant, we can have an entity like:
- Order
  - order:read
  - order:list
  - order:create
  - order:update
  - order:delete
By default, Viewers only have access to read and list orders, while Contributors and Admins have full permissions, including the ability to create, update, and delete orders.
Different Plans for Different Departments
Enterprise customers often require different plans and pricing structures based on the needs of individual departments within their organization. In order to effectively manage these plans and ensure that each department has the necessary features and support, customers need the flexibility to set up and customize plans to fit their unique requirements. For example, SaaS pricing may vary based on the number of users, with plans that offer more features and capabilities costing more than basic plans.
Allowing users to have different plans based on their needs can make a SaaS product more appealing, as it gives customers greater control over their costs and allows them to tailor the service to their specific requirements. For example, by offering different plans with varying levels of features and support, SaaS providers can cater to customers with diverse needs and budgets, making their products more attractive and competitive in the market.
Multi-Tenant Capabilities
Depending on your software, customers may need the ability to manage users across multiple tenants or organizations. This enables them to keep their users and data separate and secure, while still maintaining a unified user management system.
By understanding these key needs and requirements, you can design a user management system that is flexible, customizable, and easy to use, and that meets the unique needs of your customers.
Here are some questions to consider when implementing multi-tenant capabilities:
- What should happen when a user is invited to join your tenant, but is already a member of another organization?
- How should the system handle invitations for users who do not yet exist in the system, but are being invited to join an organization?
- What is the process for a user who is signing up for the first time and wants to join an organization?
Three Levels of Abstraction
One way to achieve flexibility in user management is through a three-level abstraction approach. This section explores the three levels of abstraction in detail:
Tenant
At the highest level of abstraction, a SaaS product is typically divided into multiple tenants, which represent different organizations or groups of users. The tenant provides a container for all the resources and data associated with a specific customer, ensuring that each tenant’s data is isolated and secure.
Subscription
Within each tenant, users are grouped into subscriptions, which represent a specific level of access to the service. For example, a subscription might correspond to a specific pricing plan or set of features, or it could represent a specific group of users within the organization.
Workspace
Finally, each subscription is divided into workspaces, which represent individual teams or projects within the organization. Workspaces provide a way to organize users and resources, and they allow users to control access to specific parts of the service.
What about user management and roles in this type of design?
To effectively manage user roles, you should consider implementing roles and user management at two levels:
- Tenant: At the tenant level, roles can be simple with only admin or non-admin access, which grants access to all aspects of the software. However, more granular roles such as TENANT_ADMIN, TENANT_VIEWER, and TENANT_CONTRIBUTOR can also be implemented if necessary. User management at this level requires the implementation of an invitation process with email and tracking to ensure the invited user accepts the invitation.
- Workspace: Workspaces contain private data that should only be visible to authorized users. User management at the workspace level is much simpler than at the tenant level, as you can only add, remove, or update a user’s role within a particular workspace if they already have access at the tenant level.
Permissions Management
While roles are something that the end user can easily understand and manage, permissions management is more technical: it is generally handled by the administrator, and even more by your other applications. In a distributed system, permissions have to be checked on each call made by users. With the design defined above, we have to set the context in every call, which is:
- Which tenant is the user in?
- Which subscription is the user in?
- Which workspace is the user in?
Technically speaking, you can use HTTP headers that refer to the context:
- X-WORKSPACE-ID
- X-SUBSCRIPTION-ID
- X-TENANT-ID
The user ID, meanwhile, is generally given by the authentication token (a JWT, for example).
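The per-call check described above, together with the "roles are sets of permissions" model from the Fine-Grained Permissions section, as an added example that is not from the original article. The in-memory stores, ids and the `authorize` function are constructed for illustration, and the user ID is assumed to come from an already verified token. The context headers are client-controlled, so they only select a context; the server still confirms that the three ids form one real hierarchy and that the user is a member of it.

```python
# Roles are just named sets of permissions (Viewer: read/list; others: full CRUD).
FULL = {"order:read", "order:list", "order:create", "order:update", "order:delete"}
ROLE_PERMISSIONS = {
    "viewer": {"order:read", "order:list"},
    "contributor": FULL,
    "admin": FULL,
}

# Constructed sample data: hierarchy and memberships are stored server-side.
SUBSCRIPTION_TENANT = {"sub-1": "tenant-a", "sub-9": "tenant-b"}
WORKSPACE_SUBSCRIPTION = {"ws-1": "sub-1", "ws-9": "sub-9"}
TENANT_MEMBERS = {("tenant-a", "alice"), ("tenant-a", "bob"), ("tenant-b", "carol")}
WORKSPACE_ROLES = {
    ("ws-1", "alice"): "admin",
    ("ws-1", "bob"): "viewer",
    ("ws-9", "carol"): "contributor",
}


def authorize(user_id, headers, permission):
    """Return True only if user_id (taken from the verified token, never from a
    header) holds `permission` in the context named by the request headers."""
    h = {k.upper(): v for k, v in headers.items()}  # header names are case-insensitive
    tenant = h.get("X-TENANT-ID")
    subscription = h.get("X-SUBSCRIPTION-ID")
    workspace = h.get("X-WORKSPACE-ID")
    if not (tenant and subscription and workspace):
        return False  # incomplete context: deny by default
    # The three ids must describe one real path: tenant -> subscription -> workspace.
    if SUBSCRIPTION_TENANT.get(subscription) != tenant:
        return False
    if WORKSPACE_SUBSCRIPTION.get(workspace) != subscription:
        return False
    # Workspace access presupposes tenant-level access.
    if (tenant, user_id) not in TENANT_MEMBERS:
        return False
    # No workspace role means no permissions at all.
    role = WORKSPACE_ROLES.get((workspace, user_id))
    return permission in ROLE_PERMISSIONS.get(role, set())
```
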
Complete flow with example
Bonus: Permissions at the machine level
Machine-to-machine authentication (M2M) enables secure communication between different remote systems, allowing only authorized services to access information on another system. M2M authentication is crucial for managing permissions and access control, especially in cloud computing or distributed systems. It helps prevent unauthorized access to sensitive information and reduces the risk of security threats. Overall, M2M authentication is an important component of any effective permissions management strategy.
Conclusion
To conclude, a well-designed user management system is essential for any SaaS business, especially one targeting enterprises. The system needs to be flexible, customizable, and easy to use to meet the needs of the customers. To achieve this, a three-level abstraction approach can be taken. The levels include tenants, organizations, and users, which help to create different levels of abstraction for user and organization management. Furthermore, understanding the needs of customers such as roles and permissions, fine-grained permissions, different plans, and multi-tenant capabilities, can help create a seamless experience for the customers. By following these guidelines, SaaS providers can offer a user management system that is scalable, effective, and meets the unique needs of their customers.