
This lesson describes how to define access rights to folders, diagrams, the dictionary, and dictionary categories. It also shows how to assign access rights to users and user groups. Select each tab below to begin.
Managing Users Access Rights
Practical Examples
Let's take a look at some practical examples on access rights based on folder structure and user groups. It's best to first decide on the folder structure before you begin to manage users and their access rights.
Choosing the right structure
Best Practices for Managing User Groups
When dealing with a large number of users, the provided user group functionality allows you to manage access rights easily.
With groups, you can:
- Effectively manage a large number of users
- Define their access rights by creating a group for each organizational role
- Set up a group hierarchy
This simplifies assigning access rights and feature sets to users. You can also grant both groups and users access to read, edit, delete, and publish diagrams on a folder-level.
Take a look at the groups' access rights below.

Both modeler groups are part of the group 'All Modelers' and have reading access to all folders and processes. Group A has an additional access right to edit processes in the public process folder, whereas the sensitive processes can only be edited by Group B.
Watch the video below to see how to grant folder access.
Please note, the video below contains audio.
Limiting Access
When you grant access to a folder, users have access to the complete folder. Another possible approach is to limit the access to specific folder content.
Watch the video below to see how to limit access to specific content.
Best Practice: Sandbox Setup
Setting up a sandbox allows you to keep an organized and productive environment while still allowing multiple users to provide input. The sandbox approach can be used for both the dictionary and process repository. The steps for creating sandboxes in the dictionary are:
- Create a sub category for a dictionary category (e.g. Sandbox Documents)
- In the user management tab, grant all users access to provide input
- Restrict access to the parent category, e.g. only give your process management team access to this
Do the same for folders to create a playground for your modelers or to enable Collaboration Hub users to create quick model processes as well.
Recommendation: A dedicated team with global access rights should go over the sandboxes periodically to transfer the approved content to the parent folder or category.
Watch the video below to see an example how to set up your sandbox.
Below are the available access rights you can give to your users and groups. Select each of them to learn more.