figma guide
Designing custom roles and permission templates UI in Figma: RBAC builder, presets, and handoff
Design custom roles and permission templates in Figma with role builder, permission matrices, preset templates, inheritance rules, and Dev Mode specs for enterprise RBAC.
- Published
- Updated
- Jul 12, 2026
- Read time
- 7 min
- Level
- Intermediate
Quick answer
Custom roles let enterprise admins bundle permissions beyond fixed Admin/Member/Viewer—usually under Organization → Roles, Security → Permissions, or Admin → Role templates. Design a role list with name, member count, system vs custom badge, and last edited; a role builder with grouped permission toggles and search; preset templates (Billing Admin, Content Editor, Auditor) users can duplicate; and inheritance rules when roles stack with team groups or SCIM group mapping. Block edits to system roles, warn when a permission change affects live members, and log changes to audit activity. Start from the Figma guides hub and pair with Dev Mode handoff for permission enum specs.
Who this is for
- Product designers building enterprise admin consoles where fixed roles are not enough for compliance or departmental access.
- Design system teams extending member list and invite flows without duplicating every permission toggle per user.
- Engineers implementing RBAC with role templates, permission inheritance, and SCIM group-to-role mapping.
Fixed roles vs custom roles vs templates
| Model | Who defines it | Best for | UI complexity |
|---|---|---|---|
| Fixed roles | Product (Admin, Member, Viewer) | SMB, self-serve | Low—dropdown only |
| Custom roles | Org admin | Enterprise, regulated industries | Medium—role builder |
| Permission templates | Product presets org can clone | Faster rollout | Low start, medium edit |
| Direct user overrides | Admin per user | Exceptions, break-glass | High—avoid in v1 |
Verdict: ship fixed roles first, then templates + custom roles for Enterprise. Never expose raw permission toggles on every member row—that does not scale past 20 users.
Role list page
| Column / element | Spec | Notes |
|---|---|---|
| Role name | Custom or system label | System roles: lock icon |
| Type badge | System / Custom / Template | Templates = “Based on preset” |
| Members | Count + link to filtered member list | Click opens People tab |
| Permissions summary | ”12 of 48 permissions” or top 3 chips | Avoid wall of text |
| Last updated | Date + editor name | Link to audit log |
| Actions | Edit, Duplicate, Delete (custom only) | Delete blocked if members assigned |
RoleListPage
├── Header: Roles & permissions + Create role
├── SystemRolesSection (read-only cards)
├── CustomRolesTable
│ └── Row: Name, Type, Members, Summary, Updated, Actions
├── TemplateGallery (optional): Duplicate preset
└── EmptyState: "Start from a template or create blank role"
System roles (Owner, Admin, Member, Viewer, Billing Admin) should be view-only with “Contact support to change defaults” for true enterprise overrides—not editable toggles that break support docs.
Role builder layout
Group permissions by product area, not alphabetically:
| Group | Example permissions | UI pattern |
|---|---|---|
| Members & invites | Invite, remove, change roles | Toggle list |
| Billing | View invoices, change payment, manage seats | Link to org billing |
| Content / projects | Create, delete, publish, comment | Nested when resource-scoped |
| Security | SSO, SCIM, API keys, sessions | Danger zone styling |
| Integrations | Install apps, manage webhooks | Optional enterprise |
| Audit & compliance | Export logs, retention settings | Read-only vs manage split |
RoleBuilder
├── RoleNameField + Description (optional)
├── PermissionSearch (filter groups)
├── PermissionGroups (accordion)
│ └── PermissionRow: Label, description, toggle, dependency hint
├── DangerZoneBanner (if security perms selected)
├── AffectedMembersPreview ("23 members will gain Billing view")
└── Actions: Save, Save as template, Cancel
Dependency hints: when “Manage SCIM” is enabled, show inline note: “Requires View SSO settings.” Gray out dependent toggles until parent is on.
Preset templates
Offer duplicate-and-edit instead of blank-slate role creation:
| Template | Typical permissions | Best for |
|---|---|---|
| Billing Admin | View/edit billing, view members | Finance ops |
| Content Editor | Create/edit content, no admin | Marketing teams |
| Auditor | Read-only audit log, export reports | Compliance |
| Integration Admin | API keys, webhooks, apps | Platform team |
| Guest Collaborator | Comment only, no export | External partners |
Template card UI:
┌─────────────────────────────────────────────┐
│ Billing Admin (template) │
│ View invoices, manage seats, view members │
│ [ Duplicate and customize ] │
└─────────────────────────────────────────────┘
After duplicate, open role builder with name pre-filled: “Billing Admin (copy)”.
Permission matrix (read-only view)
Enterprise buyers often want a PDF-exportable matrix for security review:
| Permission | Owner | Admin | Custom: Auditor | Custom: Editor |
|---|---|---|---|---|
| Invite members | ✓ | ✓ | — | — |
| View audit log | ✓ | ✓ | ✓ | — |
| Export data | ✓ | — | ✓ | — |
Design as a sticky-header table with role columns and permission rows. Offer Export CSV/PDF for procurement. This is read-only—edits happen in role builder, not inline cells.
Assigning custom roles
Extend member list and invite flow:
| Surface | Change | Validation |
|---|---|---|
| Invite modal | Role dropdown includes custom roles | Warn if role has billing perms |
| Member row | Role change opens summary of delta | Re-auth for security roles |
| Bulk assign | Select members → Change role | Max 50 per batch with progress |
| SCIM mapping | IdP group → custom role | Read-only badge “Synced from Okta” |
Multi-role products: if users can hold multiple roles, use chips + Add role instead of single dropdown—and define union vs highest inheritance in copy.
Inheritance and conflicts
| Rule | UI copy | Example |
|---|---|---|
| Union (most permissive) | “Effective permissions combine all roles” | Editor + Billing Admin = both sets |
| Highest role wins | ”Strongest role applies” | Admin overrides Viewer |
| Explicit deny | Red toggle “Deny export” | Compliance lockout |
Show Effective permissions preview on member detail: “Roles: Editor + Auditor → can view audit log, cannot invite.”
When SCIM maps groups to custom roles, block manual role edits on synced users with tooltip: “Role managed by identity provider.”
Edit, duplicate, and delete flows
| Action | Confirmation | Side effects |
|---|---|---|
| Save permission change | Modal if members > 0: “Affects N members” | Audit log entry |
| Duplicate role | None | New draft name |
| Delete role | Block if members assigned; else type role name | Reassign prompt |
| Rename role | None | SCIM mapping update warning |
Delete blocked state:
Cannot delete "Content Editor" — 14 members still assigned.
[ Reassign members ] [ Cancel ]
Common mistakes
| Mistake | Why it hurts | Fix |
|---|---|---|
| Editable system Owner role | Support nightmares, security holes | View-only + docs link |
| Flat list of 80 permissions | Admins miss critical toggles | Group by product area + search |
| No affected-member preview | Surprise access changes | Count + sample names before save |
| Custom roles on every SMB plan | Complexity for small teams | Gate behind Enterprise tier |
| SCIM + manual role edit conflict | Drift between IdP and app | Read-only synced badge |
| Matrix editable inline | Accidental bulk changes | Read-only matrix, edit in builder |
| No audit trail on role edits | Compliance failure | Log to security activity |
| Billing perms without re-auth | Account takeover risk | Step-up auth on save |
Recommended workflow
- Audit fixed roles in team permissions—identify gaps Enterprise needs.
- Define 4–6 preset templates with clear permission bundles.
- Design role list with system vs custom sections.
- Build role builder with grouped toggles and dependency hints.
- Add read-only permission matrix with export.
- Wire invite and member row to custom role dropdown.
- Prototype SCIM-mapped role, delete-blocked, and affected-members confirm states.
- Hand off permission enums and inheritance rules in Dev Mode.
FAQ
When should we add custom roles vs more fixed roles?
Add fixed roles when every customer needs the same label (Billing Admin). Add custom roles when enterprises need department-specific bundles—usually at 100+ seat deals.
Can custom roles include “deny” permissions?
Only if engineering supports explicit deny in the ACL model. Otherwise use a dedicated Restricted role with minimal allow list.
How do templates differ from custom roles?
Templates are product-defined starting points; custom roles are org-owned after duplicate. Templates may receive updates; custom roles do not auto-update.
Should guests get custom roles?
Yes—Guest Collaborator template with comment-only and no export. Pair with session timeout for external users.
Multi-workspace: org role vs workspace role?
Show two pickers or tabs: Org role (billing, SSO) vs Workspace role (projects). Effective permissions = combined per your inheritance doc.
Next steps
- Design team member roles and permissions UI in Figma — member list, invites, fixed RBAC
- Design SCIM and directory sync UI in Figma — group-to-role mapping
- Design audit log and security activity UI in Figma — log role changes
- Design organization billing and seat management UI in Figma — Billing Admin template
- Design SSO and enterprise login UI in Figma — login policy vs role assignment
§ Keep reading