12-19-2025 11:55 AM
How are people policing logins to Chatgpt for enterprise only logins?
https://help.zscaler.com/zia/adding-tenant-profiles
Zscaler does it.
Palo does it for microsoft.....
How are people doing this with decryption and Palos native app id, NOT the ACE subscription?
Is this possible?
02-13-2026 12:56 AM
Hi @Sec101 I think, we can do it using header insertion. For this, you would need to decrypt the target URL traffic ( in this case, it will be chatGPT URL/s) and you need to follow correct header insertion so appropriate action can be taken. We have done this for O365, GitHub for personal accounts restrictions. I think, you should check with OpenAI support for getting your enterprise account slug/tenant details.
Ref -
Use HTTP Headers to Manage SaaS Application Access
HTTP header insertion workaround for HTTP/2.0 SaaS applications - Knowledge Base - Palo Alto Network...
How to insert multiple domains in HTTP Header Insertion - Knowledge Base - Palo Alto Networks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
