GOAL
Provide the ability for a customer to create and manage user groups. Allow admins to configure SSO solutions to onboard users to Solace Cloud, then use claim values from the customer's identity provider to assign roles.
1
Scale our Identity and Access Management (IAM) to allow enterprise support for large teams
2
Allow an organization to align their own identity provider roles (IdP) with those of Solace Cloud
RESULTS
π Achieved alignment with the stakeholder vision established during early workshops
π Enabled granular control for 8 global roles and 3 resource role-based access control permissions (RBAC)
π One major retail customer intends to use the feature to create 1,000 to 3,000 user groups, containing 10 users each
π Allowed us to create the foundation for future roles for 2 new resources in 3 upcoming projects
Why It Exists
As the platform scaled, managing user access at an individual level became increasingly complex and error-prone. Enhancement to the identity and access management model was needed to ensure security, consistency, and operational efficiency across larger teams and products.
User groups were introduced to allow multiple users to be connected to an identity provider with shared roles and permissions. This shifted access management from manual configuration to a reusable, policy-driven model.
The user groups feature was designed as a foundational platform capability, aligning access control with enterprise security practices. The goal was to support scalable governance while integrating seamlessly with external identity providers.
Research
To understand the problem space, interviews were held with subject matter experts. The data synthesized from those interviews formed the context for a stakeholder workshop.
Subject matter expert interviews
Key findings
Participant 1
All settings should be readily available in the UI
Have clear documentation
It should be dynamic. The less management, the better. Less chance for human error
Participant 2
Our platform should match their IdP
Initial configuration is a struggle so enablement is the key to good onboarding
Participant 3
Users just want a straightforward, easy answer. They donβt read
Donβt make permission schemes complex or itβll be an administrative nightmare
11-star experience workshop
Workshop Format
An 11-star experience is an ideation framework where teams map out a customer experience from 1-star (terrible) to 11-star (impossibly magical)
The goal is to break out of conventional thinking and identify what a truly exceptional experience looks like
12 cross-functional stakeholders (directors, architects, managers, and UX) collaborated to envision an IAM experience unconstrained by today's limitations
This gave leaders from different backgrounds a shared, aspirational goal to align around
The workshop resulted in landing on a 6 and 7-star experience as our 2-year vision
Current Design
The requirements and vision of what we wanted to achieve.
High-Level Mocks
The flow and general areas of impact.
Detailed Mocks
The styling and behavioural details.
Final Designs
The resulting implementation.
Feature Results
User groups resulted in great outcomes:
It allowed Solace to scale with growing customers
It met permission scheme requirements
It allowed granular control over roles and permissions
It improved permission consistency
It improved security access to resources
It enabled integration with 3rd part identity providers
Business Impact
In the end, we successfully implemented a cross-platform vision and provided positive customer impact:
We simplified onboarding and offboarding
We reduced administrative overhead
We enabled organizations to manage security at scale without slowing down workflows
We put mechanisms in place to scale our global roles and resource role-based access control permissions
We allowed one major retail customer to create 1,000 to 3,000 user groups, with 10 users per group