Introduction
Permission screens are where trust gets designed. Who can see what, who can invite whom, what happens when someone is denied access. Across 152 instances from 10 enterprise systems, we mapped every invite flow, role model, share dialog, access-denied page, and destructive action.
The data reveals strong consensus in some areas—"Invite" dominates member lists (8 of 10 systems), "Remove" dominates destructive actions (6 of 9)—but wide divergence in others. Role complexity ranges from 2 tiers (Linear) to 8 (Asana). Half the systems have no request-access flow at all. The biggest opportunity in permission UX isn't adding more role tiers—it's designing what happens when access fails.
46% of all permission CTAs are additive—invite, add, send, join, share. Only 8% are subtractive (remove, cancel, deactivate). Enterprise permissions are designed around granting access, not restricting it.