3DEXPERIENCE Platform People and Organization Guide

Admin

What is P&O in 3DExperience platform

P&O stands for People & Organizations which essentially explores into how the 3DEXPERIENCE Platform governs who can access what and how the enterprise data is partitioned and protected. It’s the core security mechanism inside the platform.
In simpler terms: It handles who you are (person), where you work (organization), what your role is, and which collaborative area you’re in (collaborative space + security context).

PLM Dev Guide - People And Organization

Collaborative Space: Think of your virtual team zone

Imagine you are working in a large manufacturing site. The “Collaborative Space” is like the dedicated project zone marked off for your team’s tools and materials. On 3DEXPERIENCE, it’s a logical container used primarily for managing access and separating content so one team doesn’t interfere with another.
If you’re working with multiple teams like design, engineering, and manufacturing each can have its own collaborative space to keep things clear.


Security Context: Your badge into the right zone

Every time when user log into 3DEXPERIENCE platform, user carry more than a username but, carry a security context. This context is built from user Role + Organization + Collaborative Space. That combination of three defines what user can see, edit, or manage.
Here’s what that means for you:

  • If you’re a Project Lead in the Engineering Organization and working inside “Design Team Space”, the system only shows you what your security context allows.

  • You were not allowed to log-in into a different space (say Manufacturing) without the right context.


How the P&O data model is structured

Let’s map out how data, roles and ownership all come together inside the system.
The P&O model includes two big groups:

  • Administrative Objects — the “people, organizations, roles, spaces” setup. 

  • Business Objects — the actual data you work on (CAD files, BOMs, documents) which carry ownership and context info. 

A key concept here is the ownership vector: each object gets tagged with who owns it (person), what organization it belongs to, and what collaborative space it lives in. 
When you upload a file, your active security context stamps it; if you share it across teams, secondary ownership vectors may come into play.


One Click vs. CSE: Which deployment style fits your team?

You may see two terms thrown around: One Click (also known as the baseline model) and CSE (Customer Specific Environment). Let’s break them down so you can decide what works for us.

One Click

  • Think of it as the “plug-and-play” mode: predefined roles (Reader, Author, Leader, Admin etc.), minimal customization. 

  • Ideal if your organisation is new or you want quicker setup and fewer custom policies.

  • Benefits: faster roll-out, fewer upgrades headaches, consistent behavior across all apps. 

CSE

  • This is the tailor-made version: every app may define its own roles and rules (vertical roles). 

  • Use this if your business demands fine-grained access control, or you are migrating from a legacy system with heavy customization.

  • More flexibility — but also more complexity.

How to choose

When you and I evaluate which path to take, consider:

  • Do we need many custom roles or just standard team roles?

  • Which applications are we using? Are they compatible with One Click?

  • Is this a fresh install or an upgrade of a deeply customised environment?

  • Are we okay with limited customisation (One Click) or do we require deep domain-specific processes (CSE)? 

Switching: A caution

If you pick One Click, switch to CSE — or vice-versa — mid-project, you risk creating a hybrid state that’s unsupported. Don’t assign both One Click and CSE roles to a user. 


How to know which mode you’re running

Here’s a quick checklist for you:

  • Go to Experience Configuration → Manage P&O and Content → Manage My Options. There you’ll see which mode is selected.

  • But don’t stop there — check which roles are assigned in actual use. If you see both One Click (VPLM roles) and CSE (vertical roles) mixed, you may be in trouble (unsupported config). 

  • Inspect your collaborative spaces: One Click spaces will have properties like “SOLUTION=Team” or “FAMILY=StandardTeam”. CSE spaces may be hierarchical, with different solutions.



Putting it all together: Why you should care

If you’re overseeing PLM / CAD / Enovia in your company (just like I have done), the P&O structure becomes your backbone for data security and team collaboration.
Here’s why you’ll appreciate this:

  • The right access model means only the right people see the right data, avoiding leaks or chaos.

  • Choosing the correct deployment mode (One Click vs CSE) means less rework, fewer upgrade headaches, and better alignment to your organization's complexity.

  • Proper collaborative space design helps keep your teams independent yet connected — so you move faster.

  • Understanding ownership vectors means you can trace who owns what, who can edit, and how sharing happens — which matters for audit, compliance and productivity.


Final word: Let’s make this work for us

You and I both know that choosing the wrong model or mis-configuring access can lead to serious headaches down the line. So let’s commit to:

  1. Mapping out our organizational roles, teams and spaces clearly.

  2. Deciding early whether One Click or CSE fits our (that is, yours's and mine) organization.

  3. Building our collaborative spaces and security contexts to reflect our real workflow.

  4. Documenting our ownership vectors and making sure each object has the correct stamps.

  5. Revisiting periodically to ensure the model is still aligned — because things change.

In short: The P&O model in the 3DEXPERIENCE Platform isn’t just a technical detail — it’s the foundation of how we collaborate securely and efficiently. And by mastering it, we both win: you because your team works smoother, and I because I helped you make that happen.

Reactions

Post a Comment

0 Comments