
Netskope Global Technical Success (GTS)

Use Case - ChatGPT - Block Phone login

 

Netskope Cloud Version - 126

Objective

ChatGPT - Block login via phone

 

Prerequisite

Netskope CASB Inline & SWG license is required

 

Context

ChatGPT provides a phone login option in addition to Single Sign-On (SSO). This document explains how to block users from accessing ChatGPT via phone login.


Before we begin

To block ChatGPT logins via phone number, we can target the network call initiated after a user enters their country and phone number and clicks "Continue". Analysis shows the website makes a specific call at this point, which will be the focus of our blocking mechanism.

 


 

Configuration

Step #1 - Create a URL List

Path: Netskope Tenant UI >>> Policies >>> URL Lists

  • Click on “New URL Lists”, add a name and the URL below as an exact match, then save and apply changes


ℹ️ URL: auth.openai.com/api/accounts/authorize/continue

 

Step #2 - Create a Custom Category

Path: Netskope Tenant UI >>> Policies >>> Custom Categories

  • Click on “New Category”, add a name and the above URL, save and apply changes


 

Step #3 - Create an HTTP Header

Path: Netskope Tenant UI >>> Policies >>> HTTP Header

  • Click on “New HTTP Header Profile”, add a name, search for “Referer”, select RegEx, add the following RegEx, then save


 

ℹ️ RegEx: .*auth.openai.com\/log-in\?usernameKind=phone_number

 

Step #4 - Create a Real-Time Policy

Path: Netskope Tenant UI >>> Policies >>> Real-time Protection

  • Click on “New Policy”, select “Web Access”, then add the following configuration, and apply changes


 

Validation

Users attempting to log in with a phone number will now be denied access after clicking "Continue."
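The matching criteria from Steps #1 and #3 can be checked offline against sample requests before the policy is applied. This is an added example, not Netskope code: it assumes the Real-time Policy blocks only when both the URL List entry and the Referer profile match, it uses Python's `re` as a stand-in for the tenant's RegEx engine, and the sample requests are constructed.

```python
import re
from urllib.parse import urlsplit

# Values copied from Step #1 and Step #3 of this article.
URL_LIST_ENTRY = "auth.openai.com/api/accounts/authorize/continue"
# Note: the unescaped "." in the article's RegEx matches any character,
# not only a literal dot; it is kept here exactly as documented.
REFERER_REGEX = re.compile(r".*auth.openai.com\/log-in\?usernameKind=phone_number")


def url_list_match(url):
    """Exact match on host + path (assumed: scheme and query string ignored)."""
    parts = urlsplit(url)
    return f"{parts.hostname}{parts.path}" == URL_LIST_ENTRY


def referer_match(headers):
    """Apply the Step #3 RegEx to the Referer header value."""
    return REFERER_REGEX.match(headers.get("Referer", "")) is not None


def would_block(url, headers):
    """Assumed policy logic: block only when both criteria match."""
    return url_list_match(url) and referer_match(headers)


# Constructed sample requests (not captured traffic).
CONTINUE = "https://auth.openai.com/api/accounts/authorize/continue"
SAMPLES = [
    ("phone login", CONTINUE,
     {"Referer": "https://auth.openai.com/log-in?usernameKind=phone_number"}),
    ("other login page", CONTINUE,
     {"Referer": "https://auth.openai.com/log-in"}),
    ("different endpoint", "https://auth.openai.com/api/accounts/example",
     {"Referer": "https://auth.openai.com/log-in?usernameKind=phone_number"}),
]


def evaluate(samples=SAMPLES):
    """Return {label: 'block' | 'allow'} for each sample request."""
    return {label: "block" if would_block(url, hdrs) else "allow"
            for label, url, hdrs in samples}


if __name__ == "__main__":
    for label, verdict in evaluate().items():
        print(f"{label:20} -> {verdict}")
```

Only the phone login sample is blocked; the same endpoint reached from a different Referer, and a different endpoint reached from the phone login page, are left alone.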

 


 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.