Limit custom gpt to only certain users

Hello there,
is there a way i can share a link to my custom gpt and only limit it to certain people, lets say by email or somehow?? So the custom gpt can be accessed not by everyone or when the link gets leaked. So i my customers feel safe that no one else has access to their custom gpt they are paying for and thus the outputs/data. And is this feature planned in the future if there is no way to enforce this??

Hi @Simon2000

Go to My GPTs page

1- Click to edit your custom GPT
2- Select Share
3- Select Anyone with the link
4- Save

…now you can copy your custom GPT’s link and share it.

2 Likes

I know, the issue is what if someone you dont want gets access to the link aswell?

Lets say you have custom gpt that is retrieving some company docs and the link is leaked, that would cause trouble right? And relying on one link is kinda on the edge

Interesting problem @Simon2000

At the moment this is only possible if you’re part of a team or enterprise plan.

1 Like

Yes, but the team plan seems to be more for devs right? Its not for your customers.

It’s for businesses and teams with atleast 2 members.

More info here:
https://help.openai.com/en/articles/8792828-what-is-chatgpt-team

This should allow you to limit access to only your team/org

1 Like

Yes, i know, but thats not what i am looking for, as you stated above it seems currently its only solved by the fact that you dont leak your url link to the custom gpt… When i want to share the gpt with only my customers.

In that case, you can get creative and write an in-GPT logic that only allows users you want to use the GPT.

1 Like

yeah, but the jailbreaks are infinite so trying to stop someone after getting hands on the chat is too late in my opinion

Simon2000
sefcik.simon

Is this a second account?

You might look into actions tied to your user database maybe…

1 Like

it is actually, given the variety of login options i forgot the older acc, but what you mean by user database? in what context? Like custom action that checks if lets say email is matching of user that is trying to chat with the customgpt?

You’re right, It is possible. In identifying the risks associated with relying solely on a single link to share a custom GPT, especially when it deals with sensitive company documents. If the link gets leaked, anyone with it can access the GPT, potentially exposing confidential information.

I saw some GPTs that use “Custom Action for Email Verification”. For example, when a user initiates a conversation, the GPT asks for their email. The action would then cross-reference this email with a pre-approved list. If the email matches, the user can proceed; otherwise, they are denied access.

The custom action can be connected to a database where you store your customer emails. When the GPT checks user credentials, it pulls data from this database to verify whether the user is authorized. This way, even if the link is leaked, unauthorized users won’t be able to interact with the GPT without the correct email credentials.

You may find some custom GPTs searching on GPT Store. There are some custom GPTs for example about writing more Humanize style, they use action, and verify your account connecting to their website. If your account verified, you can get service from GPT.

But we must remember, jailbreak is possible. So, you should not connect sensitive data into GPT, and Should do not active Data Analysis & Code Interpreter tool because they help users for download files from GPTs. Although, the tool is inactive, but users can try to print the content of the files word by word. It may take times but they can be leaked.

3 Likes

Ye, thanks for the additional info this is the email from open ai support i recieved and with it we can close this issue i think as we need to wait for further security updates for gpts.

Thank you for reaching out to OpenAI support with your query regarding the security features for sharing Custom GPTs. We appreciate your focus on ensuring that access is restricted to intended users only, especially when sensitive data is involved.

We are indeed committed to enhancing the security and functionality of our platform continuously. While we cannot share specific timelines or details about upcoming updates at this moment, please know that user feedback like yours is a crucial driver for our development priorities.

Currently, for controlling access to your Custom GPTs, we recommend utilizing the “Invite only” sharing setting. This option provides a more controlled environment by allowing access exclusively to individuals you invite. For detailed instructions on managing these settings, please visit our help article on restricting GPT’s share settings.

How do I restrict my GPT’s share settings.

Your insights are invaluable, and we will certainly relay your suggestions about further security enhancements to our development team as they plan future updates.

Thank you once again for your proactive approach and for helping us improve our service. We welcome any additional suggestions or insights you might have—your feedback is essential in helping us enhance our offerings.

1 Like

Hi Simon, I have been having the same issue where I’d like to limit things by email for example but cannot see the option you’ve posted that you got when OpenAI responded.
Do you have a Teams or Plus account to get that option? I have a Plus account. Also are you in the US? I know here in the UK some of our options are different unfortunately!

2 posts were merged into an existing topic: Access to personalized GPT by invitation