Prev | Next |
Single Sign-On (SSO) Options
These options are available from Enterprise Architect Release 14.1.
After enabling SSO there are two main options that can be set:
- Restrict access to Windows and OpenID user only
- Automatically create or modify Windows or OpenID users
These options are detailed here.
Access
Ribbon |
Settings > Security > Users |
SSO Options
Restrict access to Windows and OpenID users only |
Enabling this option will stop local model users from being able to log in to the model. Only users validated through either Windows or OpenID SSO will be able to log in. An exception is made for local users who have the 'Security - Manage Users' permission set. This allows a local administrator to still have access and be able to update or modify the SSO settings. |
Automatically create or modify Windows or OpenID users |
Enabling this option will allow the model to create new users derived from the trusted SSO source. Users will be assigned local group permissions based on the groups linked to the SSO provider (see Maintain Groups help topic). Existing users will be assigned to or revoked from linked groups based on their SSO groups. It is recommended to ensure that a local administrator account is available before enabling this option. Notes:
|
Note
It is recommended that you always keep a local model administrator account (with a strong password) to allow recovery in the case the SSO authentication fails (for example, if the OpenID server is offline or mis-configured)