How Ideas2IT Built the Role-Aware Analytics Platform That Lets Lehigh University's Campus Run on QuickSight Instead of Tableau

Access Architecture and Portal Foundation: establishing SSO-integrated role resolution before the dashboard layer was designed

The first decision was confirmatory, not creative: the SSO integration approach and university identity provider configuration had to be locked before the navigation structure was designed.

1. Lehigh's SSO user roles and QuickSight groups did not map directly, so role resolution required backend services calling the QuickSight API to translate group membership into dashboard routing logic at login.
2. RLS enforcement was confirmed flowing from Redshift through to each dashboard's dataset configuration.
3. A Dev, QA, and Prod environment strategy was defined as a governance structure, not standard scaffolding, to keep access controls auditable as roles and datasets expanded. The assessment of existing dashboards, datasets, and reports in this phase also

Deliverables

• SSO integration assessment and identity provider configuration
• QuickSight API backend for user group resolution
• RLS-enforced dataset and access configuration
• Dev / QA / Prod environment strategy
• Role-to-dashboard navigation taxonomy

Analytics Home Dashboard Build: role-aware navigation and branded campus entry point on QuickSight

With the access model confirmed, Ideas2IT built the Analytics Home Dashboard as Lehigh's single campus-wide entry point into QuickSight.

1. The dashboard was branded to Lehigh's UI and UX standards and integrated into the university web portal as a navigation action, so users accessing analytics followed a path consistent with the rest of their campus experience.
2. Navigation tiles were organised by role category, with QuickSight API routing directing each authenticated user to the dashboard set their group membership resolved to. Role-aware content visibility was configured at the dashboard level so no tile appeared for a role without access rights to the underlying data.
3. Knowledge transfer documentation was built as a delivery requirement, covering configuration, extension, and independent maintenance so Lehigh's team could govern and grow the portal without engineering dependency after handoff.

Deliverables:

• Lehigh-branded QuickSight Analytics Home Dashboard
• Role-aware navigation tile structure
• QuickSight API routing and group membership resolution
• RLS-enforced dashboard visibility
• University portal integration
• Knowledge transfer sessions and documentation

Embedded Advisory and Enablement: QuickSight design patterns and governance for Lehigh's internal analytics teams

The T&M advisory workstream runs alongside the platform build, embedded with Lehigh's internal analytics teams across three functions. The core pattern addressed is the Tableau-to-QuickSight translation problem: calculated fields, drill-down configurations, and advanced visual design work differently enough in QuickSight that Tableau-trained users hit friction on practical tasks.

Advisory support works through these patterns as they arise rather than delivering a training curriculum. Governance consulting covers dashboard design standards, access control best practices, and duplication prevention as data lake access expands to more of the campus.

The objective is capability transfer, not dashboard delivery: the internal teams are the long-term owners of the QuickSight environment, and the advisory engagement is designed so that dependency on external support decreases as the team's QuickSight fluency increases.

Deliverables:

• Calculated field and advanced visual design guidance
• Drill-down and navigation design patterns
• Performance optimisation recommendations
• Dashboard governance and duplication prevention framework
• Access control best practices
• Ongoing technical consulting and design reviews