topic Prisma Access (SWG):- Need to give access of Github's specific repositories to specific prisma access users in Prisma Access Discussions https://live.paloaltonetworks.com/t5/prisma-access-discussions/prisma-access-swg-need-to-give-access-of-github-s-specific/m-p/1251293#M1286 <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEIBRAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">I have a specific use case requiring granular access control for GitHub repositories through Prisma Access.</DIV> <DIV class="Y3BBE" data-complete="true" data-processed="true" data-hveid="CAEIBhAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">We need to restrict specific users to a defined subset of repositories (e.g., <CODE class="o8j0Mc" dir="ltr" data-sae="" data-complete="true" data-sfc-cb="" data-sfc-root="c">://github.com*</CODE>) while ensuring all other GitHub resources remain inaccessible. This is to ensure we are following the <STRONG class="Yjhzub" data-processed="true" data-complete="true" data-sfc-cb="" data-sfc-root="c">Principle of Least Privilege</STRONG> for our external/internal collaborators.</DIV> <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEIBxAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-processed="true" data-complete="true" data-sfc-cb="" data-sfc-root="c">Example of Specific Requirement:</STRONG></DIV> <UL class="KsbFXc U6u95" data-complete="true" data-processed="true" data-sfc-cb="" data-sfc-root="c"> <LI class="dF3vjf" data-sae="" data-complete="true" data-hveid="CAEICBAA" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Target User(s):</STRONG> [User ABC]</SPAN></LI> <LI class="dF3vjf" data-complete="true" data-sae="" data-hveid="CAEICBAB" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Authorized Path:</STRONG> <CODE class="o8j0Mc" dir="ltr" data-sae="" data-complete="true" data-sfc-cb="" data-sfc-root="c"><A href="https://github.com/github/gh-aw" target="_blank">https://github.com/github/gh-aw</A>&nbsp;and <A href="https://github.com/github/gh-aw/*" target="_blank">https://github.com/github/gh-aw/*</A></CODE></SPAN></LI> <LI class="dF3vjf" data-sae="" data-processed="true" data-complete="true" data-hveid="CAEICBAC" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Security Posture:</STRONG> Default-deny for all other GitHub URLs.</SPAN></LI> </UL> <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEICRAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">&nbsp;</DIV> Tue, 31 Mar 2026 11:30:11 GMT Ravi_Jadav 2026-03-31T11:30:11Z Prisma Access (SWG):- Need to give access of Github's specific repositories to specific prisma access users https://live.paloaltonetworks.com/t5/prisma-access-discussions/prisma-access-swg-need-to-give-access-of-github-s-specific/m-p/1251293#M1286 <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEIBRAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">I have a specific use case requiring granular access control for GitHub repositories through Prisma Access.</DIV> <DIV class="Y3BBE" data-complete="true" data-processed="true" data-hveid="CAEIBhAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">We need to restrict specific users to a defined subset of repositories (e.g., <CODE class="o8j0Mc" dir="ltr" data-sae="" data-complete="true" data-sfc-cb="" data-sfc-root="c">://github.com*</CODE>) while ensuring all other GitHub resources remain inaccessible. This is to ensure we are following the <STRONG class="Yjhzub" data-processed="true" data-complete="true" data-sfc-cb="" data-sfc-root="c">Principle of Least Privilege</STRONG> for our external/internal collaborators.</DIV> <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEIBxAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-processed="true" data-complete="true" data-sfc-cb="" data-sfc-root="c">Example of Specific Requirement:</STRONG></DIV> <UL class="KsbFXc U6u95" data-complete="true" data-processed="true" data-sfc-cb="" data-sfc-root="c"> <LI class="dF3vjf" data-sae="" data-complete="true" data-hveid="CAEICBAA" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Target User(s):</STRONG> [User ABC]</SPAN></LI> <LI class="dF3vjf" data-complete="true" data-sae="" data-hveid="CAEICBAB" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Authorized Path:</STRONG> <CODE class="o8j0Mc" dir="ltr" data-sae="" data-complete="true" data-sfc-cb="" data-sfc-root="c"><A href="https://github.com/github/gh-aw" target="_blank">https://github.com/github/gh-aw</A>&nbsp;and <A href="https://github.com/github/gh-aw/*" target="_blank">https://github.com/github/gh-aw/*</A></CODE></SPAN></LI> <LI class="dF3vjf" data-sae="" data-processed="true" data-complete="true" data-hveid="CAEICBAC" data-sfc-cb="" data-sfc-root="c"><SPAN class="T286Pc" data-complete="true" data-sfc-cb="" data-sfc-root="c" data-sfc-cp=""><STRONG class="Yjhzub" data-complete="true" data-sfc-cb="" data-sfc-root="c">Security Posture:</STRONG> Default-deny for all other GitHub URLs.</SPAN></LI> </UL> <DIV class="Y3BBE" data-processed="true" data-complete="true" data-hveid="CAEICRAA" data-sfc-cb="" data-sfc-root="c" data-sfc-cp="">&nbsp;</DIV> Tue, 31 Mar 2026 11:30:11 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/prisma-access-swg-need-to-give-access-of-github-s-specific/m-p/1251293#M1286 Ravi_Jadav 2026-03-31T11:30:11Z Re: Prisma Access (SWG):- Need to give access of Github's specific repositories to specific prisma access users https://live.paloaltonetworks.com/t5/prisma-access-discussions/prisma-access-swg-need-to-give-access-of-github-s-specific/m-p/1252429#M1287 <P>Just do custom urls&nbsp;<A href="https://docs.paloaltonetworks.com/advanced-url-filtering/administration/configuring-url-filtering/url-category-exceptions/create-a-custom-url-category" target="_blank" rel="noopener">Create a Custom URL Category</A>&nbsp;and assign it based on AD groups as you Prisma Access to be integrated with your AD through&nbsp;<A href="https://docs.paloaltonetworks.com/prisma-access/administration/prisma-access-user-based-policy/integrate-cloud-identity-engine-with-prisma-access" target="_blank" rel="noopener">Integrate Cloud Identity Engine with Prisma Access</A></P> <P>&nbsp;</P> <P>Also you need to make certain that the fqdn is decrypted in first place and that you have no bypass in the PAC web proxy file as well as to go to Prisma Access SWG.</P> Fri, 17 Apr 2026 12:56:37 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/prisma-access-swg-need-to-give-access-of-github-s-specific/m-p/1252429#M1287 nikoolayy1 2026-04-17T12:56:37Z