Replacing a 14-digit

activation code with a link

Replacing a 14-digit

activation code with a link

1.

OVERVIEW

How I redesigned the way an enterprise identity platform onboards unknown users — turning a copy-paste credential ritual into a single shareable link, validated with 28 stakeholders across four business segments.

Sole Designer

End-to-end Design

Full-time

Phoenix

Customer Admin management

ROLE

Product Designer

(Internal Admin tool)

TEAM

2 PMs

1 Researcher

1 Designer

TIMELINE

Q4 2025 - Q1 2026

SCOPE

Internal Admin tool(owned)

External admin dashboard(Contributed

+71%

+71%

UMUX-Lite Score improvement

+51%

+51%

Time on task completion rate

2.

CONTEXT

2.

Why did we need

a new ADMIN CONSOLE?

A platform with two onboarding doors, neither of which fit.

The company runs a large identity platform across dozens of research and AI products.

Two parallel onboarding systems existed.

  • One platform handled known users - admins typed in an email address, the system sent an invitation, the user clicked, done. Clean.

  • The other handled unknown users - anyone without a pre-known email, including bulk trial signups, conference attendees, and customers who couldn't reveal their user list in advance.

    That system used a Registration ID and an Activation Code, which an admin had to generate, copy, and pass along - usually pasted into an email or chat — for the user to then manually re-enter on a form.

"Two parallel systems. Neither fit unknown users without copy-paste credentials"

"Two parallel systems. Neither fit unknown users without copy-paste credentials"

Both flows worked. Neither was good. The known-user flow couldn't accept unknown users by definition. The unknown-user flow technically worked but generated an outsized share of access support tickets, made trial onboarding feel clumsy to enterprise customers, and gave admins almost no visibility into what happened after credentials were shared.

My PM brought a brief: design a third path. One link, one click, no codes, with enough flexibility to cover trials, subscriptions, and non-SSO remote users, while replacing the old activation-code flow entirely.

3.

EXPERIENCE MAPPING(Before and After)

3.

EXPERIENCE MAPPING(Before and After)

What "copy-paste a 14-digit code actually felt like.

4.

SCOPING

4.

SCOPING

Identity work invites scope creep. Every stakeholder has a flow they want supported. We held Phase 1 to a deliberately narrow slice, username and password authentication, B2B known organizations with unknown users, replacing the activation-code flow - and made the out-of-scope list explicit so it could be argued with.

IN SCOPE (PHASE 1)

  • B2B known org, unknown user(Username/password)

  • Trial and Subscription entitlement types

  • Replaces registration ID + Activation code flow

  • Link + QR code distribution

  • Status tracking for both admin personas

OUT OF SCOPE (PHASE 2)

  • B2C, Guest and Anonymous users

  • Unknown org/trial to unknown org flows

  • Conference onboarding(Try before you buy subscription)

  • SAML/SSO

5.

RESEARCH

5.

RESEARCH

Concept Validation & Ecosystem Research (Jan – Feb 2026)

  • Led cross-functional validation alongside Product Management and Research to pressure-test the new invitation workflow prior to development.

  • Audited the end-to-end service ecosystem by mapping insights from a highly realistic cohort: end-user invitees, IT platform admins, internal tier-1 support teams, and account provisioning leads.

  • Mitigated operational risk by identifying and designing for critical backstage friction points before code was written, drastically reducing potential downstream support volume.

28

28

Stakeholders interviewed across both prototype surfaces

16

16

In Sales(account managers, executives, directors)

6

6

In E-Delivery(the team that actually entitles users)

4

4

Working with Societies, a distinct distribution model

2

2

In Customer Support, troubleshooting access daily

MoSCoW

MoSCoW

Prioritization, with explicit "Won't do" decisions documented per findings

Three findings that shaped the roadmap

MUST HAVE

MUST HAVE

Decouple link expiry from access duration

Decouple link expiry from access duration

The single most consistent ask.

  • Admins wanted the link to expire on one schedule (so it couldn't be reshared forever) and,

  • The access the link granted to expire on a separate schedule (so a trial could be 30 days regardless of when the user actually clicked).

MUST HAVE

MUST HAVE

Turning a workaround into a First-class feature

Turning a workaround into a First-class feature

In enterprise environments, the "happy path" rarely survives network security. During our research phase, we uncovered a critical technical blocker: several major corporate clients actively drop or block email-based invitation links at their network gateways.

  • Initially, a QR code was treated as a secondary fallback. However, our data revealed that this "workaround" was actually the primary path home for nearly 25% of our target user base.

  • The Pivot: Instead of treating the QR code as a hidden afterthought, I led a UI restructuring of the Admin Dashboard. By making the QR code a co-equal visual peer to the standard invite URL, we accommodated strict enterprise security architectures, completely eliminated a major drop-off vector, and streamlined access for a quarter of our ecosystem without compromising security.

SHOULD HAVE

SHOULD HAVE

Let admins remove their own users

Let admins remove their own users

In the old flow, removing a user from an entitlement meant filing a ticket. Self-service removal showed up across multiple segments as a quiet productivity win

  • It reduces support load and gives admins legitimate control over the access they themselves granted.

5.

INTERNAL ADMINS CREATE.

EXTERNAL ADMINS MANAGE.

END USERS REDEEM.

5.

INTERNAL ADMINS CREATE.

EXTERNAL ADMINS MANAGE.

END USERS REDEEM.

The Invite link lives across two separate products built by two different teams.

  • I owned the design of the internal admin tool (where invites are created and tracked) and contributed to the external admin dashboard (where customer-side admins see the invites their account team set up for them, manage users, and re-share the QR when needed).

  • That meant two PMs, two design systems, two sets of constraints and the same user mental model needing to survive translation between them.

A

A

INTERNAL ADMIN TOOL

Configures org, group, product, dates, contact details, validation rules

  • Generates link + QR + Audit trail

B

B

EXTERNAL ADMIN DASHBOARD

Sees the trial in their org view, manages users in the table, reshares QR

  • Pushes invite to end users

C

C

END USER

Clicks link or scans QR, claims email, registers or signs in.

  • Access granted, status updates upstream

6.

KEY DESIGN DECISIONS

6.

KEY DESIGN DECISIONS

System Design Trade-off: Single-Page Architecture over Wizard Steppers

During the design phase, a traditional multi-step wizard was considered to manage the dense configuration form. However, observational research into our internal administrators’ daily environments revealed that a wizard would break their task momentum.

WHY?

  • Admins use this interface while actively cross-referencing live data from a separate Salesforce window. They aren't discovering a flow; they are executing highly repetitive, high-volume data transcription.

THE DECISION

  • I deliberately pivoted to a unified, dense single-page form layout. By grouping relevant input fields onto a single scrollable plane

  • I optimized the interface for expert power-users.

  • Eliminated sequential navigation click steps, reducing overall time-to-completion.

ERGONOMIC DATA MAPPING

  • Allowed seamless scanning and keyboard tabbing (Tab + Enter), mirroring the visual layout of their Salesforce reference tool.

  • Eradicated the risk of hidden state validation errors typical of wizards, allowing admins to review and verify the entire data block before submission.

The focus was for the trial but we made it scalable for Subscription as well as some edge cases to invite special kind of societies which are specific publications and have less employees to give them easy access from the leadership of this organization.

Dual-date model

Most form-based onboarding tools collapse "when does this stop working" into a single field. I split it into three:

  • Set access dates - start and end, or a fixed number of days after activation

  • Final access end date - a hard ceiling regardless of when activation started

  • Date link expires - when the invite itself stops working, independent of access

Three fields instead of one is a hit to perceived simplicity. But conflating them meant a customer who clicked their invite on day 29 of a 30-day window got one day of access and a support ticket.

Splitting the model removed an entire category of escalation.

We also wanted to get information about the person who's gonna distribute the links to these unknown users. for us to send email to them we wanted to have their names and email ids.

  • We also considered the different roles of these admins, some organizations might have these roles, some won't.

Later, to make this form compact, We combined it to one section in UI.

Now, How does that translate to customer admin platform?

We did following 2 iterations for the same.

  1. Modal Panel view(Temporary view)

  2. Stand alone page for trial details

We also gave a simple representation of how a QR code should look like for them.

On left, the MVP and then I styled it as per our design systems components.

7.

Impact

7.

Impact

Successfully launched for trials for limited organizations and getting positive reviews from internal admins for smoother process.

More metrics yet to be updated.

Thank You 😇