Launching roles-based access control for Upwork
Re-architecting access control so users at Fortune-100 clients could self-serve at scale and redesign to align with an updated design system.
My role
Product Design Manager
Responsible for: Project strategy, information architecture, design direction
Timeframe
5 months from research to launch
The team
1 product manager
1 platform architect
1 senior product designer
1 content designer
Why this work surfaced
Enterprise growth was stalling because admins couldn’t mirror real-world org charts inside Upwork. Every large client required days of white-glove support just to add users or change permissions—costly for the business, frustrating for them.
“When users register, the only team they see is New User. We have to move them later—it’s too hard to explain how to find the right team.” -Enterprise Support Lead
Opportunity: Design roles-based access control that scales from 10 to 10 000 users without help tickets.
Outcomes
- Onboarding time for 100-user accounts: 5.2 days → 1.1 days.
- Roles/Teams tickets: 420 → 95 per month.
- Setup-phase NPS: 34 → 52.
- New hierarchical teams structure unlocked additional revenue pipeline
Project Goals
Slash onboarding friction so new accounts go live in < 24 hrs.
Give admins confidence that roles and data visibility match internal policies.
Create an architecture flexible enough for future business-unit upsells.
Discovery & Insight Methods
Live-Account Tear-downs
Why this mattered → I wanted to expose real edge-cases that support had been masking from product dashboards.
Key learning → Every client recreated their org chart offline; none used Upwork’s built-in teams.
100 + Voice-of-Customer Tickets
Why this mattered → Allowed us to put a dollar sign on the pain, turning “we think” into “we know.”
Key learning → 68 % of tickets traced directly to unclear roles or excess permissions.
Legacy-Schema Eng Workshop
Why this mattered → Surfaced tech constraints early, keeping design from being “scoped down” later.
Key learning → The flat permissions table couldn’t express inheritance; we needed a new DB layer.
Design principles to ground the work
Self-serve first — Every ticket avoided = ~$38 support cost saved and one less excuse for Sales to discount.
Least privilege by default — Simplifies InfoSec reviews, turning a month-long audit into a checkbox.
Progressive disclosure — Keeps day-one tasks fast while preserving expert power, preventing shadow IT tools.
Validation plan
I partnered with my senior product designer to prepare a test plan for the new designs that could validate choices within 1 week. The designs below are the result of validation that the updates would address the project goals, and exposed some minor usability improvements to make before launch.
Org-Reorg Scenario (Moderated Task) — Proves self-serve is truly self-serve before we roll out to thousands.
Role-Definition Recall (Concept Test) — If admins can’t explain the model, Audit & Risk will reject it—simple as that.
Architecture-to-Interface decisions
The new designs adopted components from an updated design system, and heavily improved the information architecture.
1. Alter the navigation path
Why — Aligned with the mental model that users have for access controls, exposed through VOC data.
2. Hierarchical Teams
Why — Mirrors real org charts; makes re-orgs a bulk move, not a two-day support job. We knew this as a result of the account tear-downs.
3. Prioritize key filters
Why — Users either need to search for an exact name or find all the members with specific attributes.
3. Four Role Presets + Custom
Why — Presets cover 90 % of cases, keeping onboarding fast; the “Custom” escape hatch satisfies edge-case legal teams..
4. Inline role switcher
Why — Surfacing the consequence of a role change right where it’s made eliminates trial-and-error tickets.
Impact Snapshot
Onboarding 100-user account: 5.2 → 1.1 days
Roles/Teams tickets: 420 → 95 per month
Enterprise NPS increased