How to Prevent Use of Claude Personal Accounts in Your Org

Learn how to prevent use of Claude personal accounts that create governance and compliance gaps.

Prevent creation of personal accounts with work emails

Enabling the settings below will prevent users from creating individual accounts using their work emails.

  1. Verify the organization's domain

    Organization Settings > Organization and Access > Domains > Click 'Verify'

    Then, add the DNS record provided by Anthropic to prove ownership of your domain.

    Note: Organizations can also add and verify multiple domains from this settings section.

  2. Turn on 'Restrict organization creation'

    Organization Settings > Organization and Access > Security > Restrict Organization Creation > Toggle 'ON'

    This setting prevents any new organizations, including personal accounts, from being created under your domain.

    Note: This setting does not appear to impact personal accounts under the organization's domain that have already been created.

Restrict "Verified Domain" Connectors to Organization Accounts

This setting prevents users from making connections between third-party services tied to a company email address and a Claude account not tied to a company email.

Note: This setting applies only to the following connectors: Google Drive, Google Calendar, Gmail, Microsoft 365, Slack, and Smartsheet.

  1. Verify the organization's domain

    Organization Settings > Organization and Access > Domains > Click 'Verify'

    Then, add the DNS record provided by Anthropic to prove ownership of your domain.

    Note: Organizations can also add and verify multiple domains from this settings section.

  2. Enable the connector restriction

    Organization Settings > Organization and Access > Connector Domain Restriction > Restrict verified-domain connectors to your enterprise > Toggle 'ON'

Restrict Claude Code Use to the Organization's Plan

To prevent the use of Claude Code with personal plans, organizations can deploy managed JSON settings that require users to be logged in to a specific organization.

  1. Identify the organization ID

    Organization Settings > Organization and Access > Organization > Organization ID

    Click on the ID to copy it to your clipboard.

    The UUID will be formatted similarly to: 394c59b4-f65b-4190-a1b5-e22baf0e64fe

  2. Update Claude Code Managed JSON

    Organization Settings > Claude Code > Managed settings (settings.json) > Manage

    Add the following key, using the org ID you found in step 1.

    "forceLoginOrgUUID": "YOUR_ORG_UUID_HERE"
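
One way to audit that a settings.json document carries the key from step 2 with the intended value, as an added example that is not part of the original page and not Anthropic's code. The function name `check_forced_org`, the status strings, the strict hyphenated-UUID check and the sample documents are assumptions made for illustration; the UUID is the sample shown in step 1.

```python
import json
import re

KEY = "forceLoginOrgUUID"            # key name from step 2
PLACEHOLDER = "YOUR_ORG_UUID_HERE"   # literal from the page's snippet
# Assumption of this example: only the hyphenated 8-4-4-4-12 form is accepted.
UUID_RE = re.compile(r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")


def check_forced_org(settings_text: str, expected_org_id: str) -> str:
    """Classify a settings.json document against the expected organization ID.

    Returns "ok", "invalid-json", "not-an-object", "missing",
    "placeholder", "malformed" or "mismatch".
    """
    expected = expected_org_id.strip().lower()
    if not UUID_RE.fullmatch(expected):
        raise ValueError("expected_org_id is not a hyphenated UUID")
    try:
        settings = json.loads(settings_text)
    except json.JSONDecodeError:
        return "invalid-json"
    if not isinstance(settings, dict):
        return "not-an-object"
    if KEY not in settings:
        return "missing"          # key never added: personal logins not blocked
    value = settings[KEY]
    if not isinstance(value, str):
        return "malformed"
    if value == PLACEHOLDER:
        return "placeholder"      # snippet pasted without replacing the org ID
    if not UUID_RE.fullmatch(value.lower()):
        return "malformed"
    return "ok" if value.lower() == expected else "mismatch"


SAMPLE_ORG = "394c59b4-f65b-4190-a1b5-e22baf0e64fe"  # sample UUID from step 1
SAMPLES = {  # constructed settings documents, not real deployments
    "good": '{"forceLoginOrgUUID": "394c59b4-f65b-4190-a1b5-e22baf0e64fe"}',
    "unedited": '{"forceLoginOrgUUID": "YOUR_ORG_UUID_HERE"}',
    "other-org": '{"forceLoginOrgUUID": "00000000-0000-4000-8000-000000000000"}',
    "absent": '{"someOtherSetting": true}',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name}: {check_forced_org(text, SAMPLE_ORG)}")
```

Any result other than "ok" means the settings document does not pin logins to the expected organization and should be corrected before it is relied on.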


Limitations

While the above approaches are effective in reducing the risk of personal-account usage with sensitive organization data, there are still several gaps:

  1. Claude accounts with an email outside the organization's oversight

    There are no restrictions noted that prevent a user from creating an account with their personal email and then uploading sensitive internal data.

  2. Not all connectors are 'verified connectors'

    This means that for many connectors, users can connect organization data to their personal Claude account even when the setting "Restrict verified-domain connectors to your enterprise" is enabled.