Cloudentity

Founder-level product design for a cloud-native identity & authorization control plane
Role: Founding Designer / Director of UX & Design
Scope: Product design, design system, IA, workflows, customer journey mapping, GTM enablement
Focus: Authorization, API protection, developer portal, consent/PII-aware policy + audit
Outcome: Company acquired by SecureAuth (confidential specifics omitted)

Cloudentity was built for the “open everything, trust nothing” era: hybrid cloud, API-first ecosystems, and modern identity architectures where authorization, consent, and auditability can’t be bolted on at the end. My work centered on designing a scalable product foundation—workflows, information architecture, and system patterns—that supported high-velocity engineering while keeping the experience coherent for security leadership, platform teams, and developers shipping to production.

Cloudentity product and brand overview

Designing a control plane for authorization—where policy, audit, and developer velocity can coexist.

The product narrative centered on cloud-native modernization and a developer-forward approach: externalized runtime authorization, policy as code, and API-first operations—paired with privacy/consent and tamper-resistant audit capabilities. The UX challenge was to make complex security primitives feel approachable, repeatable, and administrable at scale—without watering down the power.

01

Turn security concepts into runnable workflows

I mapped authorization into concrete product flows: applications → clients → grants/scopes → policies → enforcement → audit. This made “authorization control plane” tangible for both leadership and implementers—reducing ambiguity while speeding execution.

02

Design for developers without abandoning governance

A core constraint was balancing DX with policy guardrails. I designed patterns that kept the system API-first and DevSecOps-ready, while still surfacing the governance needs security teams require: traceability, versioning, and defensible configuration.

03

Unify product + brand into one credible story

As the founding designer, I shaped the product’s visual language and communication artifacts so the UX, pitch narrative, and enterprise trust signals stayed consistent—especially critical for selling into regulated and risk-sensitive organizations.

Cloudentity brand + product overview
01 / Brand system + early product narrative
Application type selection flow
02 / Application setup — reduce friction, keep policy intent
OAuth client configuration
03 / OAuth configuration — predictable, audit-friendly layouts
JWKS configuration
04 / Key management — clarity under technical density
Composite product screens
05 / Control plane surfaces — policy, enforcement, visibility
Composite product screens
06 / Zero Trust
Composite product screens
07 / Zero Trust

“Right people, right data, right place, right time.”

The platform vision was cloud-native identity and authorization at planet scale—built around microservices, API-first operations, and a declarative model (“authorization as code”). Product UX needed to translate deep security primitives into clear, repeatable admin workflows while enabling developers to integrate quickly and safely.

Key constraints
  • Hybrid / multi-cloud environments + legacy IAM coexistence
  • High-stakes security outcomes (privacy, consent, audit)
  • Developer experience must reduce workload (API-first everything)
  • Enterprise credibility: clarity, consistency, and defensible defaults
  • Complex mental models (policies, scopes, enforcement points)

Key signals

Cloudentity’s positioning emphasized modern, cloud-native IAM: microservices architecture, API-first operations, declarative authorization, and audit/consent primitives that support regulated ecosystems—without sacrificing developer velocity.

120K

OAuth flows per second (“planet scale”) supported by a cloud-native architecture designed for high-performance identity and authorization.

30+

Stateless microservices framing the platform model (Users, Services & Things), enabling modular growth and portable deployments.

API-first

Every major function designed as an API surface—supporting CI/CD and DevSecOps patterns while keeping governance legible.

Audit + Consent

Product storytelling anchored on privacy-by-design, PII awareness, and tamper-resistant audit at the API boundary.

Final thoughts

This case study highlights experience architecture and product foundations. Certain details are shared at a high level due to confidentiality and acquisition-era constraints. If you’d like, I can also add a “Design System” section (tokens, components, usage rules), plus a “GTM enablement” section (pitch narrative, iconography, product diagrams).