figma guide

Designing custom roles and permission templates UI in Figma: RBAC builder, presets, and handoff

Design custom roles and permission templates in Figma with role builder, permission matrices, preset templates, inheritance rules, and Dev Mode specs for enterprise RBAC.

Published
Updated
Jul 12, 2026
Read time
7 min
Level
Intermediate

Quick answer

Custom roles let enterprise admins bundle permissions beyond fixed Admin/Member/Viewer—usually under Organization → Roles, Security → Permissions, or Admin → Role templates. Design a role list with name, member count, system vs custom badge, and last edited; a role builder with grouped permission toggles and search; preset templates (Billing Admin, Content Editor, Auditor) users can duplicate; and inheritance rules when roles stack with team groups or SCIM group mapping. Block edits to system roles, warn when a permission change affects live members, and log changes to audit activity. Start from the Figma guides hub and pair with Dev Mode handoff for permission enum specs.


Who this is for

  • Product designers building enterprise admin consoles where fixed roles are not enough for compliance or departmental access.
  • Design system teams extending member list and invite flows without duplicating every permission toggle per user.
  • Engineers implementing RBAC with role templates, permission inheritance, and SCIM group-to-role mapping.

Fixed roles vs custom roles vs templates

ModelWho defines itBest forUI complexity
Fixed rolesProduct (Admin, Member, Viewer)SMB, self-serveLow—dropdown only
Custom rolesOrg adminEnterprise, regulated industriesMedium—role builder
Permission templatesProduct presets org can cloneFaster rolloutLow start, medium edit
Direct user overridesAdmin per userExceptions, break-glassHigh—avoid in v1

Verdict: ship fixed roles first, then templates + custom roles for Enterprise. Never expose raw permission toggles on every member row—that does not scale past 20 users.


Role list page

Column / elementSpecNotes
Role nameCustom or system labelSystem roles: lock icon
Type badgeSystem / Custom / TemplateTemplates = “Based on preset”
MembersCount + link to filtered member listClick opens People tab
Permissions summary”12 of 48 permissions” or top 3 chipsAvoid wall of text
Last updatedDate + editor nameLink to audit log
ActionsEdit, Duplicate, Delete (custom only)Delete blocked if members assigned
RoleListPage
├── Header: Roles & permissions + Create role
├── SystemRolesSection (read-only cards)
├── CustomRolesTable
│   └── Row: Name, Type, Members, Summary, Updated, Actions
├── TemplateGallery (optional): Duplicate preset
└── EmptyState: "Start from a template or create blank role"

System roles (Owner, Admin, Member, Viewer, Billing Admin) should be view-only with “Contact support to change defaults” for true enterprise overrides—not editable toggles that break support docs.


Role builder layout

Group permissions by product area, not alphabetically:

GroupExample permissionsUI pattern
Members & invitesInvite, remove, change rolesToggle list
BillingView invoices, change payment, manage seatsLink to org billing
Content / projectsCreate, delete, publish, commentNested when resource-scoped
SecuritySSO, SCIM, API keys, sessionsDanger zone styling
IntegrationsInstall apps, manage webhooksOptional enterprise
Audit & complianceExport logs, retention settingsRead-only vs manage split
RoleBuilder
├── RoleNameField + Description (optional)
├── PermissionSearch (filter groups)
├── PermissionGroups (accordion)
│   └── PermissionRow: Label, description, toggle, dependency hint
├── DangerZoneBanner (if security perms selected)
├── AffectedMembersPreview ("23 members will gain Billing view")
└── Actions: Save, Save as template, Cancel

Dependency hints: when “Manage SCIM” is enabled, show inline note: “Requires View SSO settings.” Gray out dependent toggles until parent is on.


Preset templates

Offer duplicate-and-edit instead of blank-slate role creation:

TemplateTypical permissionsBest for
Billing AdminView/edit billing, view membersFinance ops
Content EditorCreate/edit content, no adminMarketing teams
AuditorRead-only audit log, export reportsCompliance
Integration AdminAPI keys, webhooks, appsPlatform team
Guest CollaboratorComment only, no exportExternal partners

Template card UI:

┌─────────────────────────────────────────────┐
│  Billing Admin (template)                   │
│  View invoices, manage seats, view members  │
│  [ Duplicate and customize ]                │
└─────────────────────────────────────────────┘

After duplicate, open role builder with name pre-filled: “Billing Admin (copy)”.


Permission matrix (read-only view)

Enterprise buyers often want a PDF-exportable matrix for security review:

PermissionOwnerAdminCustom: AuditorCustom: Editor
Invite members
View audit log
Export data

Design as a sticky-header table with role columns and permission rows. Offer Export CSV/PDF for procurement. This is read-only—edits happen in role builder, not inline cells.


Assigning custom roles

Extend member list and invite flow:

SurfaceChangeValidation
Invite modalRole dropdown includes custom rolesWarn if role has billing perms
Member rowRole change opens summary of deltaRe-auth for security roles
Bulk assignSelect members → Change roleMax 50 per batch with progress
SCIM mappingIdP group → custom roleRead-only badge “Synced from Okta”

Multi-role products: if users can hold multiple roles, use chips + Add role instead of single dropdown—and define union vs highest inheritance in copy.


Inheritance and conflicts

RuleUI copyExample
Union (most permissive)“Effective permissions combine all roles”Editor + Billing Admin = both sets
Highest role wins”Strongest role applies”Admin overrides Viewer
Explicit denyRed toggle “Deny export”Compliance lockout

Show Effective permissions preview on member detail: “Roles: Editor + Auditor → can view audit log, cannot invite.”

When SCIM maps groups to custom roles, block manual role edits on synced users with tooltip: “Role managed by identity provider.”


Edit, duplicate, and delete flows

ActionConfirmationSide effects
Save permission changeModal if members > 0: “Affects N members”Audit log entry
Duplicate roleNoneNew draft name
Delete roleBlock if members assigned; else type role nameReassign prompt
Rename roleNoneSCIM mapping update warning

Delete blocked state:

Cannot delete "Content Editor" — 14 members still assigned.
[ Reassign members ]  [ Cancel ]

Common mistakes

MistakeWhy it hurtsFix
Editable system Owner roleSupport nightmares, security holesView-only + docs link
Flat list of 80 permissionsAdmins miss critical togglesGroup by product area + search
No affected-member previewSurprise access changesCount + sample names before save
Custom roles on every SMB planComplexity for small teamsGate behind Enterprise tier
SCIM + manual role edit conflictDrift between IdP and appRead-only synced badge
Matrix editable inlineAccidental bulk changesRead-only matrix, edit in builder
No audit trail on role editsCompliance failureLog to security activity
Billing perms without re-authAccount takeover riskStep-up auth on save

  1. Audit fixed roles in team permissions—identify gaps Enterprise needs.
  2. Define 4–6 preset templates with clear permission bundles.
  3. Design role list with system vs custom sections.
  4. Build role builder with grouped toggles and dependency hints.
  5. Add read-only permission matrix with export.
  6. Wire invite and member row to custom role dropdown.
  7. Prototype SCIM-mapped role, delete-blocked, and affected-members confirm states.
  8. Hand off permission enums and inheritance rules in Dev Mode.

FAQ

When should we add custom roles vs more fixed roles?

Add fixed roles when every customer needs the same label (Billing Admin). Add custom roles when enterprises need department-specific bundles—usually at 100+ seat deals.

Can custom roles include “deny” permissions?

Only if engineering supports explicit deny in the ACL model. Otherwise use a dedicated Restricted role with minimal allow list.

How do templates differ from custom roles?

Templates are product-defined starting points; custom roles are org-owned after duplicate. Templates may receive updates; custom roles do not auto-update.

Should guests get custom roles?

Yes—Guest Collaborator template with comment-only and no export. Pair with session timeout for external users.

Multi-workspace: org role vs workspace role?

Show two pickers or tabs: Org role (billing, SSO) vs Workspace role (projects). Effective permissions = combined per your inheritance doc.


Next steps

Share on X

§ Keep reading

Related guides.