Book a Demo
Prev Next

Model Security

When security is enabled in an Enterprise Architect model, it is necessary for each modeler to login to the model with a user name and password, or to gain access through one of the single sign on options supported (for example Active Directory). With security enabled, model Admin will assign each modeler and/or each modeling group various permitted functions ( Permissions) , possibly fine tuning those permissions by adding specific exceptions (Restrictions) that disallow some types of behavior, such as deleting whole Packages from the model. Permissions generally allow constructive and developmental behavior, Restrictions generally prevent accidental or mistaken destructive behavior. In addition to these two capability modes, the Security model in Enterprise Architect supports things like:

  • Locking of model elements, diagrams and Packages to a User or to a Group
  • Team based Collaboration through Chat, Discussions & Reviews
  • Specific access to customized or limited versions of technologies appropriate to the User/Group capability level and area of concern
  • Accountability through Auditing of significant actions each user carries out in the model

The primary intent of Model Security is not to prevent access to information, but to limit changes to data to those with the expertise and experience in a particular area. Secured models require user authentication up front to limit who actually has access to the model and what permissions and restrictions they operate under within a particular model.

Security is an optional facility in the system. If required it is enabled by the Security Administrator, who at the same time sets the security policy to either:

  • Require User Lock to Edit - the whole project is blocked against editing and the user locks an object to open it and edit it, or
  • User/group locking - the whole project is open for editing and the user locks an object to protect it from being edited

The Security Administrator also sets up the user and group IDs and passwords, which every user requires to log in to the model when security is enabled. Access permissions are assigned to the user IDs to determine which update functions the user can apply. The users can still view any information in the project. If security is not enabled in the project, no login is required and users do not have to have access permissions to perform update functions.

Many of the collaborative team based capabilities and usage scenarios in Enterprise Architect assume that security is enabled and configured.



Settings > Security

User Security

This collection of images highlights some of the facilities of User Security in Enterprise Architect

Security Operations

Operations For


See also


A number of security tasks can be performed only by users with Administrative permissions to the security operations. The person who enables security receives online instructions to login as Admin. This login ID automatically:

  • Has access permissions to perform all security operations
  • Is a member of an Administrators user group, which also has access permissions to perform all security operations
Change Password Viewing and Managing Locks Viewing User Permissions Import User IDs From Active Directory Single Sign-On (SSO) Configure Model Users Configure Model Groups Set Security Policy Enable Model Security Security Group Workflow


Other security tasks can be performed by users who do not have Administrative rights, on work performed under their own user ID. These users must still have the appropriate access permissions to perform many of these 'user' tasks.

Locking Model Elements Lock Packages Under User/Group Locking Lock Objects Under Require User Lock to Edit Identify Who Has Locked An Object Locked Element Indicators Manage Your Own Locks Change Password


  • User Security can be enabled in the Corporate, Unified and Ultimate Editions of Enterprise Architect