Identity principles

Section 2: User experience

Part of
Architecture: work in progress collection
Last reviewed
8 June 2026
Owner
Head of Architecture

3. Consider the user experience

Considering user needs is core to everything we do, and must therefore be considered for how we manage a user’s identity access journey.

Why this is important

The user experience should be considered when utilising Identity Management solutions. How will it affect the user journey? Is it a seamless experience or does it burden the user?

How to do this

You should:

  • follow existing guidance from the Service Manual

  • work with user researchers and product owners across DfE and government to understand what knowledge exists around ID. Share your users’ challenges widely to gather information and potential solutions

4. Consider end-user autonomy and self-service

Systems should implement self-service capabilities to empower end-users and reduce support costs.

Why this is important

Legacy systems and operational processes rely on paper-based procedures managed by service desks to access systems and make changes. This causes delays for end-users and drives up support costs for operatives who need to manage the end-to-end process to grant and manage access to systems and data.

Modern Identity Governance and ITSM (Information Technology Service Management) platforms can automate this process either with system and data owners as gatekeepers who approve digital requests, or automatically granting access to systems and data based on an end-user’s persona, job role or organisation.

The use of digital processes and self-service for end-users:

  • increases end-user experience

  • reduces support costs

  • improves security and auditing for a system, as digital audit logs can be reviewed and governed more easily than paper-based equivalents

How to do this

You should:

  • ensure systems support the principles outlined here to align to standard authentication and identity governance solutions and support policy-based access controls

  • ensure that we know who data and system owners are and that we support any approvals for self-service requests

  • enable integration into ITSM platforms where relevant, to allow access to be automatically granted via service tickets or as part of standard JML (Joiners, Movers, Leavers) processes