>
    Strata Copilot
    Onboard an OpenAI App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Onboard SaaS Apps Supported by SSPM
    4. Onboard an OpenAI App to SSPM
    Download PDF
    SaaS Security

    Onboard an OpenAI App to SSPM

    Table of Contents

    Onboard an OpenAI App to SSPM

    Learn how you can manually provide SSPM with the configuration values for a OpenAI instance.
    Where Can I Use This?What Do I Need?
    • Strata Cloud Manager
    • SaaS Security Posture Management license
    Or any of the following licenses that include the Data Security license:
    • CASB-X
    • CASB-PA
    The onboarding process for OpenAI is different from most applications, because SSPM does not support scans for OpenAI. During the onboarding process for most applications, SSPM establishes a connection to your application instance by using credentials that you provide, such as a login password or an access token. After SSPM has established this connection, SSPM can scan your application instance's settings by using an API provided by the application or by using data extraction techniques.
    Although SSPM does not support scans for OpenAI, you can still onboard an OpenAI application to SSPM. However, when you onboard an OpenAI application to SSPM, you don’t supply SSPM with any authentication credentials. SSPM does not establish a connection to your OpenAI instance and does not run scans to determine the OpenAI settings. Instead, you will manually enter your OpenAI instance's settings, which SSPM will compare against its recommended settings. You can think of this process as a virtual onboarding. SSPM creates a tile on the Applications page to represent your OpenAI instance, but this tile is isolated to SSPM. SSPM will show rule violations for the OpenAI instance, but SSPM determines the violations based entirely on the information that you manually enter. If you change the value of a setting in your application instance, you must also manually update the setting value in SSPM. If you don’t keep the setting values synchronized, the rule violations that SSPM displays will be unreliable.
    To onboard an OpenAI instance, you complete the following steps:
    1. Log in to your ChatGPT Enterprise workspace as an administrator or owner of the workspace.
      Logging in will enable you to view the current values of the configuration settings, and, if necessary, update the settings to our recommended values.
    2. Log in to Strata Cloud Manager.
    3. Select ConfigurationSaaS SecurityPosture SecurityApplicationsAdd Application and click the OpenAI tile.
    4. On the Posture Security tab, Add New instance.
      SSPM displays the onboarding page, which lists the OpenAI configuration settings and our recommended configuration values.
    5. From your OpenAI instance, identify the configuration values, and provide these configuration values to SSPM.
      To avoid triggering rule violations in SSPM, you can update the values in OpenAI to match our recommended values.
      You can enter the configuration values in the fields provided, or upload a comma-separated values (CSV) file that contains the configuration values. To simplify the process of creating the CSV file, you can download a CSV template file from SSPM. To upload a CSV file, complete the following steps:
      1. Select Upload Security Setting Values and then Download Template.
      2. Open the CSV template file in a spreadsheet application such as Microsoft Excel or Google Sheets.
      3. Enter the configuration values into the CSV template file, and save your changes.
      4. Upload your edited CSV file to SSPM, and Save. You can either drag and drop the file into the File Upload area or you can Browse to locate the file.
    6. Connect with OpenAI.
      SSPM adds a tile on the Applications page to represent your OpenAI instance. Based on the values that you entered, SSPM will determine if your OpenAI instance has any rule violations.
      Because SSPM is not scanning your OpenAI instance, you must ensure that the information that SSPM has about your OpenAI instance remains accurate. If you change a setting value in OpenAI, manually update that value in SSPM. To do this, complete the following steps:
      1. Select ConfigurationSaaS SecurityPosture SecurityApplications.
      2. Locate the OpenAI instance's tile and View Details.
      3. Edit Current Value of the setting.

    © 2026 Palo Alto Networks, Inc. All rights reserved.