Admin Controls, Security, and Compliance in Connectors (Enterprise, Edu, and Team)

Learn how your organization can manage connector usage with admin settings, help ensure secure data flows, and meet compliance needs.

Updated over a month ago

Note: This feature is currently in beta. Please note that connected apps are third-party services and subject to their own terms and conditions.

Admin controls

Default Behavior

ChatGPT Enterprise & Edu

While connectors are in beta, all connectors are disabled by default. Admins can control which connectors are enabled in Settings → Connectors.

Granular Google Drive (synced) controls

Enterprise, Edu, and Team workspaces can:

  • Limit the synced connector to specific Shared Drives or folders.

  • Exclude specific file types from indexing.

  • Choose between Admins-only or Everyone access for the connector.

  • Choose between a Quick setup (each user authenticates their account) or Admin-controlled access (centralized setup for granular controls).

For additional information regarding enabling the Google Drive (synced) connector, please refer to our help article: Google Drive Synced Connector - Self-Service Setup

Microsoft Outlook (Calendar & Email), Teams, and SharePoint permissions required

To enable integration between ChatGPT and Microsoft Outlook, Teams, and SharePoint, the following permissions must be granted within Microsoft Entra ID (formerly Azure AD) for each service:

  • Outlook Email: offline_access, User.Read, Mail.Read

  • Outlook Calendar: offline_access, User.Read, Calendars.Read

  • Microsoft Teams: offline_access, User.Read, Chat.Read, ChannelMessage.Read.All

  • Microsoft SharePoint: offline_access, User.Read, Sites.Read.All, Files.Read.All
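
An admin can check that the consent actually granted in the tenant matches the read-only scopes listed above. The following is an added example, not OpenAI or Microsoft code: it compares a grant's scope string with the documented set and flags anything extra. It assumes the scopes are exported as a space-separated string (the form used by the scope property of Microsoft Graph's oauth2PermissionGrant resource); the "id" and "service" fields, the sample records, and the write-marker heuristic are constructed for illustration.

```python
DOCUMENTED = {  # scopes per connector, exactly as listed on this page
    "Outlook Email": {"offline_access", "User.Read", "Mail.Read"},
    "Outlook Calendar": {"offline_access", "User.Read", "Calendars.Read"},
    "Microsoft Teams": {"offline_access", "User.Read", "Chat.Read",
                        "ChannelMessage.Read.All"},
    "Microsoft SharePoint": {"offline_access", "User.Read", "Sites.Read.All",
                             "Files.Read.All"},
}

# Heuristic (assumption): Graph scope names containing these tokens permit changes.
WRITE_MARKERS = ("ReadWrite", "Send", "Manage", "FullControl")


def audit_grant(service, scope_string):
    """Compare one grant's scopes with the documented set for `service`."""
    granted = set(scope_string.split())
    expected = DOCUMENTED[service]
    excess = granted - expected
    return {
        "missing": sorted(expected - granted),
        "excess": sorted(excess),
        "write_capable": sorted(s for s in excess
                                if any(m in s for m in WRITE_MARKERS)),
    }


def audit_all(grants):
    """Return only the grants that deviate from the documented scopes."""
    findings = {}
    for g in grants:
        result = audit_grant(g["service"], g["scope"])
        if result["missing"] or result["excess"]:
            findings[g["id"]] = result
    return findings


# Constructed sample records; "service" and "id" are hypothetical labels,
# "scope" mirrors the space-separated oauth2PermissionGrant scope string.
SAMPLE_GRANTS = [
    {"id": "grant-1", "service": "Outlook Email",
     "scope": "offline_access User.Read Mail.Read"},
    {"id": "grant-2", "service": "Outlook Email",
     "scope": "offline_access User.Read Mail.Read Mail.Send"},
    {"id": "grant-3", "service": "Microsoft SharePoint",
     "scope": "User.Read Sites.Read.All Files.Read.All Sites.FullControl.All"},
]

if __name__ == "__main__":
    print(audit_all(SAMPLE_GRANTS))
```

Any entry under "excess" is consent beyond what this page says the connector needs, and "write_capable" entries deserve review first.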

Custom connectors

In Team, Enterprise, and Edu workspaces, only workspace owners and admins have permission to add custom connectors. Users with a regular member role do not have the ability to add custom connectors themselves.

Once a connector is added and enabled by an owner or admin user, it becomes available for all members of the workspace to use.

As with other connectors, end users must authenticate with each connector themselves before first use.

Please note that custom connectors are not verified by OpenAI and are intended for developer use only. You should only add custom connectors to your workspace if you know and trust the underlying application. Learn more.

For additional information regarding how to set up a custom connector using MCP, please refer to our documentation here: http://platform.openai.com/docs/mcp


Security & compliance

Security

We protect your data with industry-standard encryption in transit and at rest. OAuth tokens are stored using strong, audited key-management practices. After a connector is enabled, each user authorizes their own account. ChatGPT only accesses content within that user’s existing permissions (e.g., read-only scopes).

OpenAI applies monitoring and detection techniques to help reduce prompt injection risks, and we regularly update our security approach. While no system is perfect and connectors remain in beta, we’re committed to ongoing testing, improvement, and rapid response to emerging threats.

Does OpenAI use information from connectors to train its models?

For ChatGPT Team, Enterprise, and Edu customers, we do not use information accessed from connectors to train our models. Please see our Enterprise Privacy page for information on how we use business data.

Chat search and deep research data are processed transiently and not indexed. Synced connector data is indexed to speed up answers, while respecting your training settings.

Data storage & residency

Synced connectors: Data indexed from the Google Drive synced connector is stored on OpenAI’s Azure US datacenters and follows your workspace’s retention-window setting. We’re actively working on additional data-residency regions.

Non-synced connectors: Chat search connectors and deep research connectors are compatible with data residency, but it's important to note that connected applications are third-party services, and data sent to a connected application is subject to that application's own data residency policies.

In other words, if you're an organization with Data Residency in Europe, OpenAI will limit storage of Customer Content to take place in Europe up until the point that queries and prompts are sent to a connected application. Please make sure that your connected applications also adhere to any data residency requirements you may have.

Compliance

Citations and source links from synced connectors are captured by the Compliance API. Coverage for chat search connectors and deep research connectors in the Compliance API is coming soon, along with RBAC and connector-level visibility in the Enterprise analytics dashboard.

Granular Google Drive (synced) security

In addition to OAuth authentication, owners for Enterprise, Team, and Edu workspaces are able to utilize domain-wide delegation (DWD).