Defining the UX Principles for an AI Agent Management Platform

Intuit was shipping AI agents across its product ecosystem. Each team was building its own approach to provisioning, action previewing, and behavior monitoring. I led research to define the governance principles that became the foundation of a customer-facing centralized AI agent management platform.

RoleLead Researcher
TeamPlatform Identity
Timeline6 weeks
MethodStructured interviews + unmoderated nav test

The TLDR;

As AI agents expand from answering questions to taking actions across tools and systems, users face a new class of risk: agents can move fast, operate at scale, and create compliance exposure if provisioning, oversight, and auditability are unclear. I led a two-part study with people who build and manage agents across varying levels of technical sophistication to define the core requirements for trustworthy agent deployment. The outcome was a three-phase trust framework, a validated architecture recommendation, and a set of platform priorities that the Identity team adopted as their shared AI agent governance roadmap.

Impact

The three-phase trust framework was adopted as the organizing structure for Platform Identity's AI agent governance roadmap.

Why this research was needed

Intuit was starting to ship AI agents across its product ecosystem (QuickBooks, TurboTax, Credit Karma, Mailchimp). Each product team was building its own approach to agent provisioning, action previewing, and behavior monitoring. The fragmentation created two compounding problems: compliance gaps from inconsistent governance, and stalled adoption because users had no consistent way to understand or control what agents were doing.

The platform question was specific: what governance principles does Identity need to provide so that the AI agents business units build can scale across products without eroding trust?

Methodology

I conducted 8 structured interviews with people who had built or managed AI agents in real business contexts. I deliberately recruited across three segments of technical sophistication to separate universal governance needs from segment-specific gaps.

Low-code builders: non-technical founders using tools like Zapier to automate workflows. Enterprise users: directors and PMO leads deploying agents at scale with compliance requirements. Technical AI builders: staff engineers and platform architects managing deployment across production environments. The range was intentional so we could build for users across the technical proficiency spectrum.

To test the discovery findings and test the architecture recommendation, I ran an unmoderated usability test with 100 existing QuickBooks product admins. I used a between-subjects design with 5 task groups: enabling agents, stopping an unexpected agent action, reviewing agent permissions, turning off an agent, and assigning agents to a user. I chose unmoderated because researcher priming would have biased entry-point selection. The core question was where admins would naturally navigate without any guidance.

Findings

Across the interviews, participants naturally described agents using the same language they use for new employees: interview, train, supervise, grant autonomy gradually, keep monitoring. This metaphor emerged consistently across all three segments and became the way the team communicated the framework to leadership and cross-functional partners. The journey maps make the stakes visible. One low code builder's emotion arc (Hopeful, Committed, Frustrated, Distrustful, Resigned) traces the exact failure mode the governance platform is designed to prevent: a user who went all in, hit a wall of opacity, and ended up relying on customer complaints to know when something went wrong.

Low code builder journey map

One advanced builder's arc looks different on the surface but leads to the same gap. The emotion track (Confident, Efficient, Overextended, Alarmed, Reactive) maps a user who moved fast, deployed at scale, and assumed visibility would come later. It didn't. An agent approved the correct discount but applied the wrong amount to a client proposal — and the error wasn't caught until final deal review. The failure mode isn't opacity from lack of access. It's velocity without monitoring infrastructure, and the downstream cost of discovering that only after something breaks.

Advanced builder journey map

The three-phase trust framework

Trust & Evaluate

Users need to understand what data the agent accesses, what decisions it can make, and who can modify it before they enable it. The shared requirement was scope transparency before the agent acts.

"I don't trust it. I would like to, but I can't see what it's doing or what data it's using." — Founder, Holistic Health Ed

Deploy & Configure

Every participant described a "trainee mode" where agents start under human review. The key tension: giving a user access to an agent could expand their data permissions beyond their existing role.

"The output isn't gospel. It's a draft. The human-in-the-loop has to sign off." — CEO, FinTech

Operate, Monitor & Intervene

Most participants managed by exception, discovering failures only when someone complained. The gap was proactive monitoring for plausible-but-wrong outputs.

"The agent approved the correct discount but applied the wrong amount to the proposal, which was not caught until final deal review." — Director, Tech Consulting

Users navigate by urgency and business function, not by "AI" as a category

The nav test revealed a consistent split in navigation behavior. When tasks were abstract and account-level, like enabling agents, admins went to Settings or an AI hub, thinking about the account as a whole. When tasks were urgent and context-specific, like stopping an unexpected agent action, admins navigated to the feature domain first, thinking about the job to be done.

A single centralized AI hub is not sufficient. Admins need controls surfaced where they already work. This finding directly shaped the architecture recommendation: Settings as the primary home for AI management, with contextual controls embedded within each product domain.

Design provocations

I built provocations in Cursor to make the framework tangible. The goal was giving PM, Design, and Engineering something concrete enough to react to, so alignment conversations could move from "what should we build" to "how should this work." They included an agent detail card surfacing scope transparency, a HITL configuration panel for approval workflows, and a role-based entitlements view with granular Use/Edit/Pause/Revoke permissions.

Design provocation 1Design provocation 2Design provocation 3

Design provocations built in Cursor: agent detail card, HITL configuration panel, and role-based entitlements view.

What changed

The three-phase trust framework became the organizing structure for Platform Identity's AI agent governance roadmap, prioritized across two teams: Platform Identity and the QB Agent Experience team. Aligning both teams on shared centralization must-haves meant neither team had to run duplicate discovery.

The now/next/later roadmap framed investment decisions for executive stakeholders. Now: role-based entitlements, admin overrides with granular permissions, and a standardized auditing schema across business units. Next: planning mode and sandbox for pre-deployment testing, plus hallucination monitoring. Later: a human-in-the-loop workflow framework and an agent marketplace upsell moment.

The governance principles apply to every future agent launch across the Intuit platform, extending beyond the initial QB implementation.