White-Label Product & Auth0 Integration
Lead designer on a white-label superannuation platform serving 300,000 members across 5 client brands. Redesigned registration and integrated Auth0 for 250,000 members after a security incident. Governed the design system across all client experiences.
Grow runs a white-label superannuation platform. Each financial institution client gets a branded experience, all built on the same system. Clients included Vanguard Super, Australian Ethical, and NGS Super — 300,000 members combined.
I was the lead product designer. I owned both the member-facing product and internal operational tools.
Two problems hit at once. A robot attack exposed weaknesses in how registration handled identity verification. No users were affected, but it forced us to act. The existing registration flow was already too long and confusing — generating avoidable support calls. We needed to integrate Auth0 as our identity provider, redesign the registration experience, and get sign-off from both clients.
At the same time, five client brands were pulling the design system apart. Every new customisation request risked inconsistency, maintenance overhead, and design debt.
Challenges
Engineers brought in too late
We mapped user flows before involving engineers. When we showed them, they flagged that some flows weren't possible with Auth0. We had to redo signed-off work. I now include an engineer from the first session on every project.
Auth0 limited what we could control
We couldn't customise everything. Identity matching failures showed vague error messages that blocked users without explaining why. I mapped Auth0's boundaries early and focused on what we could control: error messages, system states, and reducing steps.
Pressure to ship fast after the attack
The security team wanted it fixed immediately. But rushing a registration flow for 250,000 members would create new problems. I pushed for shipping a secure baseline first, then iterating based on real support data after launch.
Stakeholders editing Figma directly
People were changing content in Figma without telling the design team. This caused rework. I set up a documentation framework with clear ownership, locked Figma permissions, and created content guidelines.
Approach
White-Label Platform Governance
I built a design system with shared tokens and client-specific themes. I defined what could be customised — colour, typography, icons — and what stayed fixed across all clients. Content was the hardest constraint: each client had different wording requirements for regulatory reasons.
When clients or internal stakeholders pushed for bespoke changes, I assessed each request against scalability impact and pushed back with a standardised alternative where the request would add long-term maintenance debt.
White-label design system
Auth0 Registration Redesign
I started by mapping Auth0's constraints with engineering — documenting which steps we controlled and which were locked by the identity provider.
I cut registration steps by combining identity checks. I rewrote error messaging with the security team — clear enough to help members self-resolve, vague enough to not expose sensitive data.
I pushed for shipping the secure baseline first rather than waiting for an optimised experience. After launch, I tracked support patterns and added in-context guidance where members were getting stuck.
Error message design
Impact
White-Label Platform Governance
- Design system governed 5 branded client experiences — fewer ad-hoc requests, faster onboarding of new funds
- Reusable Auth0 integration pattern established for future client onboarding
Auth0 Registration Redesign
- Registration experience delivered for 250,000 members across 2 clients — passed security review without major redesign
- Support calls for registration decreased after simplifying the flow and adding in-context guidance
Reflection
Include engineers from day one. The Auth0 rework taught me this. I haven't had that problem again.
Vague errors create real cost. In financial products, unclear error messages don't just confuse people — they generate support calls and erode trust. Writing error messages with the security team was a design decision, not a copy task.
Set boundaries for customisation early. White-label products fall apart when every client gets bespoke treatment. Clear rules about what can and can't change made the system scalable instead of fragile.
Research
Watch people work in their real environment. Usability testing showed how members interacted with registration. Contextual enquiry showed how call centre staff actually used the administration platform — a completely different side of the product. The member summary screen would never have come from a usability test on the member-facing screens. Different research methods reveal different problems.
Usability testing
I ran 16 usability sessions using internal recruits — new employees who'd never seen the product. Findings were grouped by severity and fed directly into roadmap decisions.
Contextual enquiry
Separately from the member-facing work, I partnered with the other designer to conduct contextual enquiry at a client site — observing how call centre staff used the internal administration platform during live member calls.
Staff were switching between 2–3 sections of the admin tool simultaneously — searching for a member in one screen, updating records in another, all while speaking to the customer on the phone. The cognitive load was invisible until I watched it happen in context. This wasn't a UI problem — it was a workflow problem.
Based on these observations, I designed a member summary screen — a single view surfacing the key information staff needed during a live call. It reduced page-switching and enabled faster, more confident member identification over the phone.