The story
What was broken
The problems came through clearly in research. One manager had spent hours over a weekend with IT trying to restore affiliate data he'd accidentally deleted. Another said onboarding new team members was taking weeks - the app was too cluttered, people got lost in it. A third complained that the contrast made long sessions physically uncomfortable.
The structural problem was underneath all of it. The app had been built as separate instances per brand - switching meant logging out, loading a different version, logging back in. That worked when managers stuck to one brand. When cross-brand work became standard and the backend unified into a single data source, the model collapsed. The app couldn't support 2FA, had no password recovery flow, and its dashboards had no filtering, sorting, or bulk actions. Every workaround ran through IT.
What I decided and why
Four weeks was the entire window - two for research and design, two for testing and iteration. Internal tool, not directly tied to product revenue. The timeline forced a clear call: fix the core workflows properly, update everything else visually without a full redesign. Some screens got rebuilt. Others got cleaned up and made usable. That trade-off was deliberate.
Keeping the old multi-instance architecture was never a serious option. The backend had already changed - designing around a problem that no longer existed made no sense. Working with IT on authentication and engineering on everything else, we mapped the new model during research and design: a unified login with an in-app brand filter. Log in once, switch brands via a dropdown, data stays separated by brand. Authentication was later replaced by SSO entirely, but that came after this project.
The brand-specific color schemes had a logic originally - when each manager worked in one brand, visual differentiation made sense. When the same person switches between three brands in a day, an interface that changes appearance each time adds noise, not clarity. A unified dark system removed it. The brand logo in the sidebar does the same job without the confusion.
The 2FA integration was mandatory - the cybersecurity team required it and the old app simply couldn't support it. Working with IT, we mapped it into the standard login sequence using an established pattern: login, verify, done. It added one step. As expected, in the first few days after rollout IT tickets spiked as the team completed 2FA setup - then dropped to their eventual 80-85% reduction. The password recovery flow was built the same way: an existing IT module handling the mechanics, mapped into a self-service flow directly in the app.
What shipped
Unified login with a brand filter replaced the multi-instance model. Self-service password recovery and integrated 2FA replaced the IT Slack queue. Dashboards got sortable columns, filtering, pagination, and bulk actions - the data was always there, it just needed to be made manageable. Two-step deletion and inline validation reduced errors in the affiliate link creation flow. A unified dark/light color system replaced the brand-specific schemes, with dark set as default based on unanimous team preference.
The screens that didn't get fully redesigned got cleaned up enough to stop causing friction. Not everything was perfect at handoff. But the core workflows worked the way they should have from the start.
